Search
Get in Touch
News

Google security experts say Gainsight hacks may have left hundreds of companies affected

TechRadar
TechRadar
  • Google Threat Intelligence Group says the Gainsight breach may have impacted 200+ Salesforce instances
  • Attack stems from the August 2025 Salesloft breach, where OAuth tokens were stolen and abused by Scattered Lapsus$ Hunters
  • SHL claims victims include Atlassian, CrowdStrike, LinkedIn, and others, though none have confirmed compromise

Google’s security experts believe the recent Gainsight breach may have left more than 200 companies, and the data they stored through Salesforce, compromised.

Salesforce recently confirmed seeing “unusual activity” involving Gainsight-published applications connected to its systems. At the time, it said some of the apps may have enabled unauthorized access to certain customers’ Salesforce data”, which forced it to revoke all active access and refresh token associated with Gainsight-published applications connected to Salesforce, and to temporarily remove the apps from its AppExchange.

The media discovered that the attack was the result of the August 2025 Salesloft breach. A group of criminals, known as “Scattered Lapsus$ Hunters” (SLH), stole OAuth tokens Salesloft used for its Drift AI chat integration with Salesforce, which gave them direct API access to customers’ Salesforce data. Among this data were Gainsight’s files as well, which led to today’s attack.

Scattered Lapsus Hunters

Now, Austin Larsen, the Principal Threat Analyst with Google’s Threat Intelligence Group, told TechCrunch the company “is aware of more than 200 potentially affected Salesforce instances.”

The publication made contact with the group via Telegram, which took responsibility for the attack, and said that it affects Atlassian, CrowdStrike, Docusign, F5, GitLab, LinkedIn, Malwarebytes, SonicWall, Thomson Reuters, and Verizon.

TechCrunch reached out to most of the companies on SHL’s list, and while some did not reply, others simply said they were investigating the claims. None confirmed the breach, but they also did not outright deny it, only stating that there is currently no evidence to support the argument.

Just like the Salesloft attack, the Gainsight incident has little to do with Salesforce, which has stated there is “no indication that this issue resulted from any vulnerability in the Salesforce platform”.

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Read more @ TechRadar

Previous article
The Garmin Forerunner 265 helped me fall in love with marathon running, and right now it’s cheaper than ever
Next article
Humanoid robots are about to become the new smartphones of our lives
TechRadar
TechRadar

Latest posts

Trump embraces gas guzzlers and air pollution by weakening fuel economy standards

The Verge - 0
Motorists drive on Interstate 210 during the morning commute on December 03, 2025 in Pasadena, California. President Donald Trump announced a new plan that lets...

Reddit’s CEO says r/popular ‘sucks,’ and it’s going away

The Verge - 0
Reddit CEO Steve Huffman. Reddit is “moving away” from r/popular, the default feed for new users, and plans to replace it with “better, more relevant...

Anthropic’s AI bubble ‘YOLO’ warning

The Verge - 0
Andrew Ross Sorkin and Dario Amodei speak onstage during The New York Times DealBook Summit 2025 at Jazz at Lincoln Center on December 03,...

Satellites keep photobombing the Hubble telescope, and it’s getting worse

The Verge - 0
A simulated image representing the projected contamination by satellite trails in one of the future space telescopes. The stripes of light reflected from artificial...

BMW iX3 first drive: a ‘New Class’ is in session

The Verge - 0
BMW has been peppering us with teasers and bits and pieces about its next-gen EV platform, Neue Klasse, for so long - fully two...

Netflix is getting rid of another of its game studios by selling it back to its founders

Engadget - 0
The developer of Cozy Grove and Alphabear is leaving Netflix. Spry Fox is being sold back to its original founders, Game File reports, and...

OpenAI’s new confession system teaches models to be honest about bad behaviors

Engadget - 0
OpenAI announced today that it is working on a framework that will train artificial intelligence models to acknowledge when they've engaged in undesirable behavior,...

How to use Accessibility Reader on Apple devices

Engadget - 0
Earlier this year, Apple launched a new tool that makes it easier to read anything on your device’s screen. Designed for people with visual...

Your ‘dear algo’ Threads posts might actually do something soon

Engadget - 0
In a lot of social media use, the algorithm is an intangible entity, silent and all-powerful in controlling what we see in our feeds....

Artist Bungie plagiarized for Marathon alpha says the issue has been resolved

Engadget - 0
Bungie and Sony Interactive Entertainment appear to have settled the plagiarism scandal that rocked Marathon before the game was indefinitely delayed in June 2025....

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!

The AIVAnet is a collector and classifier of app news articles and online technology news, which works automatically by collecting and collating the RSS feeds from popular sites (IOS news feed,latest tablet news, etc.).

The articles deal with mobile app reviews, especially with android reviews, and IOS. One of the central thematic axes is also the comparisons. You can find articles with tablet reviews, comparisons and mobile OS systems or mobile OS stats.

We also provide some of the most popular app news express, for android and IOS or windows phone. The online technology news that you can find in our pages are just opinions and ideology, allowing you to see how different news agencies present the same news.

AIVAnet is supported by Cloud Services Store

About Us

© AIVAnet | All rights reserved