Education company McGraw-Hill confirmed a data breach after hackers exploited a Salesforce misconfiguration on a hosted webpage, leading to unauthorized access to internal data. The ShinyHunters extortion group claimed responsibility, threatening to leak 45 million Salesforce records containing PII, a claim McGraw-Hill disputes regarding sensitivity and volume.
Initial Access
Salesforce Misconfiguration
confirmed
Hackers exploited a misconfiguration within Salesforce's environment, specifically a webpage hosted by Salesforce, to gain unauthorized access to McGraw-Hill's internal data.
Defender cut points
Implement secure configuration management for SaaS platformsRegularly audit Salesforce security settings and access controls
