Tag: extortion group
4 articles

Microsoft Tracks ShinyHunters' Salesforce Data Theft Via OAuth Flaws
Microsoft uncovered a sneaky year-long operation by the ShinyHunters extortion group, who exploited trust in Salesforce's OAuth system to steal sensitive data, using clever vishing tactics to trick employees into granting access to a malicious app. The attackers posed as IT support, convincing victims to authorize a fake Data Loader tool that allowed them to make API calls and search for valuable credentials.

Council of Europe Probes ShinyHunters Data Breach Claims
The Council of Europe is actively investigating claims by the ShinyHunters extortion group that sensitive internal documents were stolen, and is working to assess the situation. The organization, which represents 46 European member states, has confirmed the probe but declined to provide further comment at this stage.

DentaQuest Breach Exposes 2.6 Million Accounts
A major data breach at DentaQuest has exposed a staggering 2.6 million accounts, after an extortion group called ShinyHunters claimed to have stolen over 234 GB of sensitive data. The breach was confirmed by DentaQuest on June 2, who assured customers they are actively managing the cybersecurity incident.

Google Exposes New Extortion Group Targeting BPOs and Helpdesks
A new extortion group, uncovered by Google's threat intelligence team, is setting its sights on Business Process Outsourcing (BPO) companies and helpdesks, posing a significant threat to the service layers that many businesses rely on. This emerging threat, possibly linked to the notorious "Raccoon" persona, has the potential to create widespread pressure points across multiple organizations.