International automotive giant Stellantis has confirmed that some of its North American customers' data was stolen as a result of a breach of a third-party service provider's platform. The attack involved the Salesforce supply chain and the attackers gained access to customers' address book information through overstepping their authority. The attack is believed to be linked to hacker group ShinyHunters, which claims to have stolen more than 18 million records, including names and contact information, from Stellantis' Salesforce instances.ShinyHunters has attacked Salesforce customers several times since the beginning of the year through voice phishing and other means, affecting companies including Google, Cisco, Adidas, Louis Vuitton, and many others.
