A notorious predominantly English-speaking hacking group has launched a website to extort its victims, threatening to release about a billion records stolen from companies who store their customers’ data in cloud databases hosted by Salesforce.
The loosely organized group, which has been known as Lapsus$, Scattered Spider, and ShinyHunters, has published a dedicated data leak site on the dark web, called Scattered LAPSUS$ Hunters. The website, first spotted by threat intelligence researchers on Friday and seen by TechCrunch, aims to pressure victims into paying the hackers to avoid having their stolen data published online.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Massive leak of over 115 million US payment cards caused by Chinese “smishing” hackers
August 10, 2025
A wave of advanced phishing campaigns, traced to Chinese-speaking cybercriminal syndicates, may have compromised up to 115 million US payment cards in just over a year, experts have warned. Researchers at SecAlliance revealed these operations represent a growing convergence of social engineering, real-time authentication bypasses, and phishing infrastructure designed to scale. Investigators have identified a figure ...
- Bouygues Telecom data breach could affect millions of customers
August 8, 2025
French telco giatn Bouygues Telecom has confirmed suffering a cyberattack in which it lost sensitive customer data. In a short announcement published on its website, the company said it detected the attack on August 4, and following an investigation, determined threat actors stole people’s contact details, contract data, civil status data (or company details), and IBAN ...
- Taiwan arrests 6 in probe of TSMC chip technology leak
August 6, 2025
Taiwan prosecutors arrested six people suspected of stealing trade secrets from Taiwan Semiconductor Manufacturing Co (TSMC), opening an investigation into a potential breach of national security involving a global tech industry linchpin. The chipmaker to Nvidia reported a number of former and current staff to authorities on suspicion they illegally obtained core technology. A total of ...
- Hacker used a voice phishing attack to steal Cisco customers’ personal information
August 5, 2025
A cybercriminal tricked a Cisco representative into granting them access to steal the personal information of Cisco.com users, the company said on Tuesday. Cisco said it discovered the breach on July 24, blaming the incident on a voice phishing or “vishing” call. The hackers accessed and exported “a subset of basic profile information” from the database ...
- Data breach at Central Maine Healthcare exposes patient information
August 1, 2025
Central Maine Healthcare says an unauthorized party gained access to its network on March 19th, and they kept that access until June 1st. After a weeks-long shut down of phone and online services, Central Maine Healthcare officials say patient data was likely compromised during a two and a half month period where a hacker gained access ...
- Singapore: Critical information infrastructure owners must report suspected advanced cyberattacks under new rules
July 29, 2025
Owners of Singapore’s critical information infrastructure (CII) will soon be required to report any incidents suspected to be caused by advanced persistent threats (APTs), a type of prolonged cyberattack typically carried out by well-resourced threat actors. The reports must be made to the Cyber Security Agency of Singapore (CSA), said Minister for Digital Development and Information ...