Yazılar

Hacker Group Claims Theft of Nearly 1 Billion Salesforce Records; Company Denies Breach

/in /tarafından

A hacker collective calling itself “Scattered LAPSUS$ Hunters” claims to have stolen nearly 1 billion records linked to Salesforce, the global cloud software giant, by targeting companies that use its platform. The group—believed to be behind recent ransomware attacks on major U.K. retailers including Marks & Spencer, Co-op, and Jaguar Land Rover—told Reuters the stolen data contains personally identifiable information (PII).

Salesforce, however, firmly denied that its systems were compromised. “At this time, there is no indication that the Salesforce platform has been compromised, nor is this activity related to any known vulnerability in our technology,” a company spokesperson said.

One hacker, identifying themselves as “Shiny,” told Reuters that the group did not directly hack Salesforce infrastructure but instead exploited its customers through “vishing”—a voice-phishing technique where attackers impersonate employees in calls to IT help desks to gain system access.

The group published a leak site on the dark web on Friday listing around 40 allegedly hacked companies, though it remains unclear how many are Salesforce clients. Both Salesforce and the hackers declined to confirm whether any ransom demands had been made.

In a June report, Google’s Threat Intelligence Group (TAG)—which tracks the hackers as “UNC6040”—said the group had been highly effective at deceiving employees into installing modified versions of Salesforce’s Data Loader, a proprietary tool used to import large volumes of customer data.

Google researchers also noted that the attackers’ infrastructure overlaps with an amorphous cybercriminal network known as “The Com”, a loosely connected ecosystem infamous for social engineering, ransomware, and even violent activity.

The claims come amid an ongoing U.K. police investigation into the earlier wave of cyberattacks that disrupted retail operations nationwide. In July, authorities arrested four individuals under 21 suspected of involvement in the breaches.

While Salesforce’s denial suggests its core systems remain intact, the episode underscores a growing cybersecurity challenge: attackers are increasingly bypassing well-secured platforms by manipulating the humans who use them.

As digital ecosystems become ever more interconnected, the breach—real or exaggerated—illustrates how even the most secure cloud providers can be dragged into the fallout of their customers’ weakest link: trust.

Salesforce Shares Slide as Weak Outlook Highlights Delayed AI Payoff

/in /tarafından

Salesforce (CRM.N) shares fell nearly 8% on Thursday after the company issued a disappointing third-quarter revenue forecast, raising investor concerns that returns from its artificial intelligence investments may take longer to materialize.

The company projected revenue between $10.24 billion and $10.29 billion, with the midpoint falling short of analysts’ average estimate of $10.29 billion, according to LSEG data. Despite announcing a $20 billion expansion of its share buyback program, Salesforce’s muted guidance weighed heavily on investor sentiment.

The outlook comes as software companies face mounting pressure to prove that billion-dollar AI investments will deliver meaningful returns, even as customers scale back spending in an uncertain economic environment. Matt Britzman, senior equity analyst at Hargreaves Lansdown, said the guidance gives “bears fresh ammo amid mounting fears that the software sector is ripe for disruption.”

Salesforce has been rapidly integrating AI across its cloud services, including the 2024 launch of Agentforce, an AI-powered agent platform designed to automate workflows and improve margins. However, the company continues to face macroeconomic headwinds. Analysts at Oppenheimer described the growth outlook as “uninspiring,” noting challenges for front-office software suppliers this year.

Shares of Salesforce are down about 24% year-to-date. To strengthen its offerings, the company has returned to acquisitions, including its $8 billion purchase of Informatica in May. Still, Salesforce trades at a forward earnings multiple of 20.96—well below Microsoft’s 31.26 and Oracle’s 30.84—suggesting potential upside.

J.P. Morgan analysts said second-quarter results, which beat revenue expectations, alongside management’s positive commentary, indicate that Salesforce stock may be undervalued compared to peers, leaving room for recovery.

Starboard Increases Salesforce Stake Amid Stock Weakness

/in /tarafından

Activist hedge fund Starboard Value, which first pushed for changes at Salesforce (CRM.N) three years ago, raised its stake in the U.S. software company by nearly 50% in the second quarter, according to a regulatory filing on Thursday.

As of June 30, Starboard owned 1.3 million shares, up from 849,679 shares at the end of the first quarter when it had already boosted its stake by almost 52%. The move comes amid a nearly 30% drop in Salesforce’s stock price since January and a 9% decline over the past year.

Salesforce, valued at $223 billion, faced pressure from activist investors in late 2022 and early 2023. Many of these investors reduced or exited their positions after the company reported strong results, added a new board director, and implemented other changes. Starboard, known for revisiting past investments if a company backslides on promised reforms, appears to be increasing pressure again.

Starboard CEO Jeffrey Smith previously said Salesforce still had potential to improve efficiency and profitability. The hedge fund also boosted its stake in Pfizer (PFE.N) by 10.5% to 8.5 million shares and reduced its holding in Autodesk (ADSK.O) by nearly 27% after settling a prior engagement with the company.

The filing is a 13F report, which reflects fund holdings at the end of the previous quarter and is closely watched for insights into investment trends.