Business Data Theft Campaign Targets Companies Using Salesforce: Check Your Accounts

A group of hackers known as Icarus has been breaking into business software systems and stealing customer information. They are targeting companies that use Salesforce, a popular platform that businesses use to manage customer relationships and sales data. The attackers got in through a company called Klue, which is a market intelligence platform. By breaking into Klue's security system, the hackers gained access to data from multiple organizations that use Salesforce. This affects customers of companies that use both Klue and Salesforce together.

If you have done business with companies that use these platforms, your contact information, purchase history, or business communications might have been stolen. The hackers are using this stolen data to extort money from the affected companies. While individual families are not the direct targets, your personal information stored in these business systems could be exposed.

Take these steps to protect yourself:

1. Monitor your email for any notifications from companies you do business with about a data breach.
2. Watch your bank and credit card statements closely for any unauthorized charges.
3. Be extra cautious of phishing emails or phone calls that seem to know details about your business relationships.
4. If you receive notice that a company you work with was affected, change your password for that service immediately.
5. Consider placing a fraud alert on your credit reports if you are contacted by one of the affected companies. Going forward, use strong, unique passwords for every business account. Enable two-factor authentication wherever it is offered, especially for accounts that contain financial information or personal data. Keep a list of which companies you do business with so you can quickly identify legitimate breach notifications from scams.