On October 3, 2025, Hackread.com reported a massive data breach involving hackers exploiting a Salesforce vulnerability, leading to the theft of 989 million records from 39 major companies worldwide. The group, called Scattered Lapsus$ Hunters, threatened to publish the data unless negotiations were initiated by October 10.
Some key companies affected included Fujifilm, GAP, Vietnam Airlines, Engie Resources, Qantas, and Albertsons. The leaked data contains a variety of personally identifiable information (PII), including names, addresses, phone numbers, and email addresses, along with sensitive corporate data.
The Qantas leak, for example, totaled 153 GB with over 5 million records including frequent flyer info and internal business details. Vietnam Airlines suffered a leak of 63.62 GB containing over 23 million records. Other companies had smaller leaks, with Albertsons showing 2 GB of data containing around 672,000 records.
The full list of affected companies spans notable brands like KFC, McDonald’s, and Disney. Following the leak, the hackers claimed they would not release any additional information, raising concerns over identity theft and reputational damage for the involved companies. The incident underscores deeper issues regarding the security of sensitive data managed through third-party platforms like Salesforce.
Source link
