Scattered Spider
FBI warns of UNC6040, UNC6395 hackers stealing Salesforce data
The FBI has issued a FLASH alert warning that two threat clusters, tracked as UNC6040 and UNC6395, are compromising organizations’ Salesforce environments to steal data and extort victims. “The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate Indicators of Compromise (IOCs) associated with recent malicious cyber activities by cyber criminal groups UNC6040 […]
Jaguar Land Rover confirms data theft after recent cyberattack
Jaguar Land Rover (JLR) confirmed today that attackers also stole “some data” during a recent cyberattack that forced it to shut down systems and instruct staff not to report to work. JRL functions as a standalone entity under Tata Motors India after its purchase from Ford in 2008. With an annual revenue of over $38 billion (£29 […]
Scattered Spider hacker gets sentenced to 10 years in prison
Noah Michael Urban, a key member of the Scattered Spider cybercrime collective, was sentenced to 10 years in prison on Wednesday after pleading guilty to charges of wire fraud and conspiracy in April. He was arrested in January 2024, and in November, the U.S. Justice Department charged Urban (also known as King Bob, Gustavo Fring, Elijah, and Sosa), along […]
Hackers leak Allianz Life data stolen in Salesforce attacks
Hackers have released stolen data belonging to US insurance giant Allianz Life, exposing 2.8 million records with sensitive information on business partners and customers in ongoing Salesforce data theft attacks. Last month, Allianz Life disclosed that it suffered a data breach when the personal information for the “majority” of its 1.4 million customers was stolen from a third-party, […]
Google confirms data breach exposed potential Google Ads customers’ info
Google has confirmed that a recently disclosed data breach of one of its Salesforce CRM instances involved the information of potential Google Ads customers. “We’re writing to let you know about an event that affected a limited set of data in one of Google’s corporate Salesforce instances used to communicate with prospective Ads customers,” reads a data breach […]
Scattered Spider is running a VMware ESXi hacking spree
Scattered Spider hackers have been aggressively targeting virtualized environments by attacking VMware ESXi hypervisors at U.S. companies in the retail, airline, transportation, and insurance sectors. According to the Google Threat Intelligence Group (GITG), the attackers keep employing their usual tactics that do not include vulnerability exploits but rely on perfectly executed social engineering “to bypass even […]
Co-op confirms data of 6.5 million members stolen in cyberattack
UK retailer Co-op has confirmed that personal data of 6.5 million members was stolen in the massive cyberattack in April that shut down systems and caused food shortages in its grocery stores. Co-op (short for the Co-operative Group) is one of the United Kingdom’s largest consumer co-operatives, operating food stores, funeral services, insurance, and legal […]
Four arrested in UK over M&S, Co-op, Harrods cyberattacks
The UK’s National Crime Agency (NCA) arrested four people suspected of being involved in cyberattacks on major retailers in the country, including Marks & Spencer, Co-op, and Harrods. The arrested individuals are two 19-year-old males, one 17-year-old male, and a 20-year-old female, who were apprehended earlier today in their homes in London and the West […]
M&S confirms social engineering led to massive ransomware attack
M&S confirmed today that the retail outlet’s network was initially breached in a “sophisticated impersonation attack” that ultimately led to a DragonForce ransomware attack. M&S chairman Archie Norman revealed this in a hearing with the UK Parliament’s Business and Trade Sub-Committee on Economic Security regarding the recent attacks on the retail sector in the country. While […]
Qantas discloses cyberattack amid Scattered Spider aviation breaches
Australian airline Qantas disclosed that it detected a cyberattack on Monday after threat actors gained access to a third-party platform containing customer data. Qantas is Australia’s largest airline, operating domestic and international flights across six continents and employing around 24,000 people. In a press release issued Monday night, the airline states that the attack has […]