EPISODE · Aug 19, 2025 · 14 MIN
Mass Salesforce Hacks: How Criminals Are Targeting the Cloud Supply Chain
from Cyberside Chats: Cybersecurity Insights from the Experts · host Chatcyberside
A wave of coordinated cyberattacks has hit Salesforce customers across industries and continents, compromising millions of records from some of the world’s most recognized brands — including Google, Allianz Life, Qantas, LVMH, and even government agencies. In this episode of Cyberside Chats, Sherri Davidoff and Matt Durrin break down how the attackers pulled off one of the most sweeping cloud compromise campaigns in recent memory — using no zero-day exploits, just convincing phone calls, malicious connected apps, and gaps in cloud supply chain security. We’ll explore the attack timeline, parallels to the Snowflake breaches, ties to the Scattered Spider crew, and the lessons security leaders need to act on right now. Key Takeaways Use phishing-resistant MFA — FIDO2 keys, passkeys. Train for vishing resistance — simulate phone-based social engineering. Monitor for abnormal data exports from SaaS platforms. Lockdown your Salesforce platform — vet and limit connected apps. Rehearse rapid containment — revoke OAuth tokens, disable accounts fast. References Google - The Cost of a Call: From Voice Phishing to Data Extortion Salesforce – Protect Your Salesforce Environment from Social Engineering Threats BleepingComputer – ShinyHunters behind Salesforce data theft at Qantas, Allianz Life, LVMH TechRadar – Google says hackers stole some of its data following Salesforce breach LMG Security Blog – Our Q3 2024 Top Control is Third Party Risk Management: Lessons from the CrowdStrike Outage
What this episode covers
A wave of coordinated cyberattacks has hit Salesforce customers across industries and continents, compromising millions of records from some of the world’s most recognized brands — including Google, Allianz Life, Qantas, LVMH, and even government agencies. In this episode of Cyberside Chats, Sherri Davidoff and Matt Durrin break down how the attackers pulled off one of the most sweeping cloud compromise campaigns in recent memory — using no zero-day exploits, just convincing phone calls, malicious connected apps, and gaps in cloud supply chain security. We’ll explore the attack timeline, parallels to the Snowflake breaches, ties to the Scattered Spider crew, and the lessons security leaders need to act on right now. Key Takeaways Use phishing-resistant MFA — FIDO2 keys, passkeys. Train for vishing resistance — simulate phone-based social engineering. Monitor for abnormal data exports from SaaS platforms. Lockdown your Salesforce platform — vet and limit connected apps. Rehearse rapid containment — revoke OAuth tokens, disable accounts fast. References Google - The Cost of a Call: From Voice Phishing to Data Extortion Salesforce – Protect Your Salesforce Environment from Social Engineering Threats BleepingComputer – ShinyHunters behind Salesforce data theft at Qantas, Allianz Life, LVMH TechRadar – Google says hackers stole some of its data following Salesforce breach LMG Security Blog – Our Q3 2024 Top Control is Third Party Risk Management: Lessons from the CrowdStrike Outage
NOW PLAYING
Mass Salesforce Hacks: How Criminals Are Targeting the Cloud Supply Chain
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Mar 19, 2026 ·34m
Feb 18, 2026 ·11m
Feb 11, 2026 ·45m