The cybercriminal group ShinyHunters is targeting around 100 organizations in a campaign aimed at stealing Okta single sign-on credentials. Companies like Atlassian and Canva are included among the targets, with reports of successful breaches at Crunchbase and Betterment. Experts recommend stronger multi-factor authentication measures to combat these threats.

A series of data breaches affecting companies such as Qantas, Allianz Life, LVMH, and Adidas has been attributed to the ShinyHunters extortion group, which uses voice phishing to compromise Salesforce CRM accounts. The attackers impersonate IT support to manipulate employees into entering connection codes that link malicious applications to Salesforce environments, leading to data theft and potential extortion attempts without public leaks so far. Salesforce has confirmed that their platform is not compromised, emphasizing the importance of customer vigilance against social engineering attacks.