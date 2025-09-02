  • Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
Palo Alto Networks data breach exposes customer info, support cases

"Salesforce data theft attacks
Since the beginning of the year, Salesforce has been the target of data theft attacks conducted by members associated with the ShinyHunters extortion group.

In past attacks, the threat actors conducted voice phishing (vishing) to trick employees into linking a malicious OAuth app with their company's Salesforce instances.

Once linked, the threat actors used the connection to download and steal the databases, which were then used to extort the company through email.

However, with the Salesloft breach, the threat actors were able to steal data using the stolen OAuth tokens.

Since Google first reported the attacks in June, numerous data breaches have been tied to the social engineering attacks, including Google itself, Cisco, Farmers Insurance, Workday, Adidas, Qantas, Allianz Life, and the LVMH subsidiaries Louis Vuitton, Dior, and Tiffany & Co.

While some researchers have told BleepingComputer that they believe the Salesloft supply chain attacks involve the same threat actors, Google says there is no conclusive evidence that they are linked.

"We've not seen any compelling evidence connecting them at this time," Austin Larsen, Principal Threat Analyst. Google Threat Intelligence Group, told BleepingComputer.

Update 9/2/25: Article title updated to reflect that the breach did not contain full support tickets."

Source: https://www.bleepingcomputer.com/ne...a-breach-exposes-customer-info-support-cases/
 
