Salesforce Revoked Gainsight Authentication Tokens

Customer relationship management giant Salesforce is again notifying customers that hackers may be stealing their data through a third-party app. The San Francisco company late Wednesday disclosed that apps published by Gainsight connected to Salesforce instances may have “enabled unauthorized entry.”
Gainsight is a customer data management tool. The firm didn’t respond to a request seeking information on the number of impacted customers but said online it’s working with Salesforce and investigating the incident. Salesforce said it revoked the Gainsight app access tokens and temporarily removed the publisher’s software from its AppExchange cloud marketplace.
Austin Larsen, a principal threat analyst at Google Mandiant, attributed the hacking to ShinyHunters, a hacking group whose activities overlap with a group the company tracks as UNC6395.
ShinyHunters itself took responsibility for the Gainsight hack in a statement posted by DataBreaches.net.
The hacking group – as part of a super group calling itself Scattered Lapsus$ Hunters – earlier this year stole data from Salesforce instances after stealing authentication tokens from Salesloft, another Salesforce third-party app provider. As it did with data stolen through Salesloft authentication tokens, the group threatened to launch a dedicated website containing stolen data unless Salesforce complies with their demands. Salesforce already rebuffed the hackers’ extortion demand made after the Salesloft hack (see: Salesforce Rebuffs ShinyHunters Extortionists’ Ransom Demand).
“That is most likely the third of 4 large-scale campaigns against Salesforce by the same group once more,” asserted ShinyHunters to DataBreaches.net.
Gainsight counts as customers companies including identity provider Okta, smart speaker maker Sonos and payroll giant ADP.
With reporting by Information Security Media Group’s David Perera in Northern Virginia









