🏠

Data Breach Nightmare 😱: Salesforce & 1.5B Records! 💥

Tech

January 17, 2026

🎧 Audio Summaries
🎧
English flag
French flag
German flag
Spanish flag
🛒 Shop on Amazon

🧠Quick Intel

  • Smart Tech:** A new range of smart home devices featuring the latest Matter support was announced.
  • Laptop Deals:** Significant discounts are being offered on the MacBook Pro 16-inch (M2 Pro model) with up to 20% off.
  • Gaming Gear:** Pre-orders for the NVIDIA GeForce RTX 4090 are open, with an estimated shipping date of November 17th.
  • AI Hardware:** Intel unveiled its Gaudi 2 AI accelerator, targeting low-latency inference workloads.
  • Photo Gear:** Canon released the EOS R8 mirrorless camera body, priced at $799.
  • Latest Books:** Publishers are reporting a 15% increase in digital book sales compared to the previous quarter.
Click anywhere to collapse

Grubhub Hit by Massive Data Breach – 1.5 Billion Records Exposed
Grubhub has confirmed a significant security breach, resulting in the theft of approximately 1.5 billion data records. The incident, initially uncovered by Google’s Threat Intelligence team, involved unauthorized access to sensitive information held by the company.

Mandiant Assists in Containing the Threat
To address the crisis, Grubhub has enlisted the expertise of the third-party cybersecurity firm, Mandiant, via their Threat Intelligence team. Furthermore, law enforcement agencies have been formally notified of the breach, indicating the seriousness of the situation and coordinated efforts to investigate.

Salesloft and Drift Attacks Led to Initial Compromise
The breach’s origins trace back to attacks targeting Salesloft and Drift data. Specifically, stolen OAuth tokens were exploited, granting attackers access to a vast amount of user information.

Salesforce Data Severely Impacted – 760 Companies Affected
The compromised data included information from 760 companies, utilizing Salesforce’s “Account,” “Contact,” “Case,” “Opportunity,” and “User” object tables. This highlights the breadth of the attack and the potential vulnerability of Salesforce clients.

ShinyHunters Demands Ransom – Older Data at Risk
The cybercrime group, ShinyHunters, is actively demanding a Bitcoin payment to prevent the release of older Salesforce data stolen in February 2023. This demonstrates a coordinated extortion attempt aimed at further disrupting impacted organizations.

Google Threat Intelligence Tracks Further Attacks
Following the initial breach, Google’s Threat Intelligence team observed the UNC6395 group leveraging the stolen data for subsequent attacks. These efforts targeted Amazon Web Services (AWS) access keys (AKIA), passwords, and Snowflake-related access tokens, expanding the potential scope of the damage.

Immediate Action Required – Rotate Affected Tokens
Organizations impacted by the Salesloft and Drift breaches must immediately rotate all affected access tokens and secrets to mitigate the risk of further exploitation. Prompt action is crucial to limit the ongoing damage.

Our editorial team uses AI tools to aggregate and synthesize global reporting. Data is cross-referenced with public records as of April 2026.

Related Articles