
Pandora confirms data breach amid ongoing Salesforce data theft attacks

Danish jewelry giant Pandora has disclosed a data breach after its customer information was stolen in the ongoing Salesforce data theft attacks.

Pandora is one of the largest jewelry brands in the world, with 2,700 locations and over 37,000 employees.

"We are writing to inform you that your contact information was accessed by an unauthorized party through a third-party platform we use," reads a Pandora data breach notification sent to customers.

"We stopped the access and have further strengthened our security measures."

As first reported by Forbes, only customers' names, birthdates, and email addresses were stolen in the attack. Passwords, IDs, and financial information were not exposed.

Pandora data breach notification (Source: Reddit, https://www.reddit.com/r/PandoraCollectors/comments/1mi5646/comment/n71x0k3/)

While Pandora has not shared the name of the third-party platform, BleepingComputer has learned that the data was stolen from the company's Salesforce database.

Since at least January 2025, if not earlier, threat actors have been conducting social engineering and phishing campaigns targeting companies' employees and help desks.


These attacks are designed to steal Salesforce credentials or trick employees into authorizing a malicious OAuth application to their Salesforce account.

Using this access, the threat actors download and steal the company's Salesforce database, which is then used to extort the company into paying a ransom to prevent the data from being leaked.

ShinyHunters confirmed to BleepingComputer that they are privately extorting companies and will perform a mass sale or leak of the data of companies that don't pay a ransom in the future, as they did in the Snowflake data-theft attacks.

The threat actor also confirmed that the attacks are ongoing, so all companies should review Salesforce's recommendations on hardening their accounts.

"Salesforce has not been compromised, and the issues described are not due to any known vulnerability in our platform. While Salesforce builds enterprise-grade security into everything we do, customers also play a critical role in keeping their data safe — especially amid a rise in sophisticated phishing and social engineering attacks," Salesforce told BleepingComputer.


"We continue to encourage all customers to follow security best practices, including enabling multi-factor authentication (MFA), implementing the principle of least privilege, and carefully managing connected applications. For more information, please visit: https://www.salesforce.com/blog/protect-against-social-engineering/."
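The attack chain described above (an employee is talked into authorizing an unapproved OAuth connected app, and a bulk export of the CRM database follows shortly after) leaves a recognisable trail in login, app-authorization and export activity, which is what Salesforce's advice about managing connected applications and enforcing MFA is meant to catch. The following is an added example, not code from the article or from Salesforce, showing how a defender might triage such activity. It assumes a simplified event shape constructed for illustration (the field names are not Salesforce's Event Monitoring schema), a hypothetical allowlist of approved connected apps, and a row-count threshold chosen for the demo.

```python
"""Triage Salesforce-style activity events for the pattern:
unapproved OAuth connected app authorized -> large export shortly after.

Event shape is constructed for this example (not Salesforce's real schema).
"""
from dataclasses import dataclass
from datetime import datetime, timedelta

# Hypothetical allowlist: connected apps the org has reviewed and approved.
APPROVED_APPS = {"Marketing Cloud Connector", "Internal BI Sync"}
# Exports at or above this many rows are treated as bulk exports (demo value).
EXPORT_ROW_THRESHOLD = 10_000
# A bulk export this soon after an unapproved app authorization is escalated.
WINDOW = timedelta(hours=24)


@dataclass
class Finding:
    severity: str
    user: str
    reason: str


# Constructed sample events (simplified shape, not Salesforce's real schema).
# ana: approved app, small export -> benign. bo: no MFA, unapproved app,
# then a multi-million-row Contact export within the hour -> the pattern above.
SAMPLE_EVENTS = [
    {"ts": "2025-07-20T09:01:00", "type": "Login", "user": "ana@example.com", "mfa": True},
    {"ts": "2025-07-20T09:05:00", "type": "OAuthAppAuthorized", "user": "ana@example.com",
     "app": "Internal BI Sync"},
    {"ts": "2025-07-20T13:10:00", "type": "Login", "user": "bo@example.com", "mfa": False},
    {"ts": "2025-07-20T13:12:00", "type": "OAuthAppAuthorized", "user": "bo@example.com",
     "app": "Data Loader Helper"},
    {"ts": "2025-07-20T13:40:00", "type": "BulkExport", "user": "bo@example.com",
     "object": "Contact", "rows": 2_400_000},
    {"ts": "2025-07-21T08:00:00", "type": "BulkExport", "user": "ana@example.com",
     "object": "Account", "rows": 3_200},
]


def _ts(event):
    return datetime.fromisoformat(event["ts"])


def triage(events, approved_apps=APPROVED_APPS,
           row_threshold=EXPORT_ROW_THRESHOLD, window=WINDOW):
    """Return findings in event order. Escalates a bulk export to 'critical'
    when the same user authorized an unapproved app within `window` before it."""
    findings = []
    recent_unapproved = {}  # user -> (timestamp, app name) of last unapproved authorization
    for ev in sorted(events, key=_ts):
        ts, user = _ts(ev), ev["user"]
        if ev["type"] == "Login" and not ev.get("mfa", False):
            findings.append(Finding("medium", user, "login without MFA"))
        elif ev["type"] == "OAuthAppAuthorized" and ev["app"] not in approved_apps:
            recent_unapproved[user] = (ts, ev["app"])
            findings.append(Finding("high", user,
                                    f"authorized unapproved connected app '{ev['app']}'"))
        elif ev["type"] == "BulkExport" and ev["rows"] >= row_threshold:
            prior = recent_unapproved.get(user)
            if prior and ts - prior[0] <= window:
                findings.append(Finding(
                    "critical", user,
                    f"bulk export of {ev['rows']} {ev['object']} rows within "
                    f"{window} of authorizing unapproved app '{prior[1]}'"))
            else:
                findings.append(Finding(
                    "high", user, f"bulk export of {ev['rows']} {ev['object']} rows"))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_EVENTS):
        print(f"[{f.severity:8}] {f.user}: {f.reason}")
```

The allowlist is the control that matters most here: an authorization for an app nobody reviewed is the earliest high-confidence signal, well before the export. Passing a different `approved_apps` set shows the effect, since adding "Data Loader Helper" to it downgrades bo's export from critical to a plain high-volume export that still deserves review.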

Other companies impacted in these attacks include Adidas, Qantas, Allianz Life, and the LVMH subsidiaries Louis Vuitton, Dior, and Tiffany & Co.

However, BleepingComputer has been told that there are many more that remain undisclosed.
