Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
  • AI
  • Tech
  • Cybersecurity
  • Finance
  • DeFi & Blockchain
  • Startups
  • Gaming
Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
Dataconomy
No Result
View All Result

ShinyHunters uses vishing to breach Salesforce data

AI-powered voice scams fuel ShinyHunters’ global attacks.

byAytun Çelebi
September 3, 2025
in Cybersecurity

The cybercrime group ShinyHunters has garnered international attention after Google advised its 2.5 billion users to enhance their security protocols. This recommendation followed a data breach that exploited vulnerabilities within Salesforce, a widely-used customer management platform.

Unlike conventional data breaches involving direct intrusion into databases, ShinyHunters, alongside other groups, has recently employed voice-based social engineering, known as “vishing,” to target major corporations. Vishing represents a form of social engineering where individuals are manipulated into divulging confidential information or performing actions under false pretenses.

In a vishing attack, a perpetrator impersonates an IT helpdesk employee to deceive an actual employee into revealing passwords or multi-factor authentication codes, thereby gaining unauthorized system access. Though not a novel tactic, the increasing sophistication of deepfakes and AI-driven voice cloning has made vishing more difficult to detect. These technologies enable criminals to convincingly mimic voices and create realistic scenarios, enhancing their deceptive capabilities.

Stay Ahead of the Curve!

Don't miss out on the latest insights, trends, and analysis in the world of data, technology, and startups. Subscribe to our newsletter and get exclusive content delivered straight to your inbox.

Throughout the current year, several prominent companies, including Qantas, Pandora, Adidas, Chanel, Tiffany & Co., and Cisco, have reported being targeted through similar vishing methods, impacting millions of users. These incidents highlight the widespread vulnerability to social engineering tactics.

ShinyHunters, a cybercrime group, emerged in 2020, claiming responsibility for successful attacks against 91 victims. The group’s primary motivation is financial gain, though they have demonstrated a willingness to inflict reputational damage on their targets. In 2021, ShinyHunters announced the sale of data allegedly stolen from 73 million AT&T customers, illustrating the scale of their operations.

Prior to employing vishing, ShinyHunters targeted companies by exploiting vulnerabilities in cloud applications and website databases. Their focus on customer management providers like Salesforce enables them to access extensive data sets from multiple clients through a single successful attack. This approach amplifies the potential impact of their breaches.

The group’s adoption of social engineering techniques signals a shift in their modus operandi. This evolution is reportedly linked to their collaborations with other cybercriminal entities. In mid-August, ShinyHunters announced on Telegram a partnership with Scattered Spider and Lapsus$ to target Salesforce and Allianz Life. Telegram removed the channel shortly after its launch. The group subsequently released Allianz Life’s Salesforce data, which contained 2.8 million records pertaining to customers and corporate partners.

Scattered Lapsus$ Hunters, a rebranded iteration of Lapsus$, has recently advertised the provision of ransomware-as-a-service. This offering involves launching ransomware attacks on behalf of paying clients. The group claims its service surpasses those of other cybercrime organizations, including LockBit and Dragonforce. Instead of private negotiations, they often publish extortion messages publicly.

The cybercriminal landscape involves overlapping memberships among groups like ShinyHunters, Scattered Spider, and Lapsus$. These groups operate internationally, with members participating from various locations on the dark web. Further complicating matters, each group is often identified by multiple aliases; Scattered Spider, for instance, is also known as UNC3944, Scatter Swine, Oktapus, Octo Tempest, Storm‑0875, and Muddled Libra.

Individual users can take limited direct action against organized cybercrime. Maintaining personal vigilance against scams is crucial for self-protection. Social engineering effectively exploits human emotions and the inclination to trust and assist.

Companies can proactively mitigate the risks of vishing. Implementing awareness training and scenario-based education programs for employees is vital. Verification methods, such as on-camera checks requiring employees to present corporate badges or government-issued identification, can also be implemented. Asking questions that cannot easily be answered with publicly available information online presents another layer of defense.

Organizations can bolster security by deploying authenticator applications that mandate phishing-resistant multi-factor authentication, incorporating techniques like number matching or geo-verification. Number matching necessitates users to input numbers from the identity platform into the authenticator app to validate authentication requests. Geo-verification uses the user’s physical location as an additional authentication factor.


Featured image credit

Tags: GooglesalesforceShinyHunters

Related Posts

Google’s Live Threat Detection is reportedly coming to more Android phones

Google’s Live Threat Detection is reportedly coming to more Android phones

October 23, 2025
Meta’s latest update focuses on protecting older users from scams

Meta’s latest update focuses on protecting older users from scams

October 22, 2025
US judge bans NSO Group from targeting WhatsApp users with Pegasus spyware

US judge bans NSO Group from targeting WhatsApp users with Pegasus spyware

October 21, 2025
AWS outage: A complete list of every site and app that went down

AWS outage: A complete list of every site and app that went down

October 20, 2025
Windows 11’s new security patch is a system-breaking disaster, fix it now

Windows 11’s new security patch is a system-breaking disaster, fix it now

October 20, 2025
Discord confirms support vendor hack exposing user data and government IDs

Discord confirms support vendor hack exposing user data and government IDs

October 20, 2025

LATEST NEWS

Reddit sues Perplexity over alleged large-scale data scraping

Google’s Live Threat Detection is reportedly coming to more Android phones

The ChatGPT Atlas browser is already facing its first security exploit

The Willow chip marks a new milestone in Google’s quantum race

HBO Max finally lets you tell the algorithm what you actually think

The Lomo MC-A is a film camera with USB-C charging capability

Dataconomy

COPYRIGHT © DATACONOMY MEDIA GMBH, ALL RIGHTS RESERVED.

  • About
  • Imprint
  • Contact
  • Legal & Privacy

Follow Us

  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
No Result
View All Result
Subscribe

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.