Salesforce stated on Wednesday that it’s investigating a breach of “sure prospects’ Salesforce knowledge” that was compromised by way of apps revealed by Gainsight, an organization that sells a platform for different firms to handle their prospects. 

In a discover revealed late Wednesday, Salesforce stated the hacks contain “Gainsight-published functions related to Salesforce, that are put in and managed straight by prospects.” 

Salesforce stated that there’s “no indication that this problem resulted from any vulnerability within the Salesforce platform,” and that the exercise seems associated to Gainsight’s “exterior connection to Salesforce.”

When reached for remark, Salesforce spokesperson Nicole Aranda referred TechCrunch to the corporate’s web page devoted to the incident. 

As of this writing, Gainsight stated in a standing web page that it’s investigating a “Salesforce connection problem,” with out making any reference to a possible breach. “Our inner investigation is ongoing,” Gainsight wrote.

A spokesperson for Gainsight didn’t instantly reply to TechCrunch’s request for remark.

On its web site, Gainsight touts a number of company prospects, together with Airtable, Notion, GitLab, and others. When reached by e-mail, GitLab spokesperson Emily James informed TechCrunch that GitLab’s “safety staff is investigating and we’ll get again to you when we have now extra to share.”

The prolific hacking group ShinyHunters informed cybersecurity information web site DataBreaches.internet that it was behind the breach, including that if Salesforce doesn’t negotiate with them, they’ll create a brand new web site to promote the stolen knowledge — a standard extortion tactic by financially-motivated cybercriminals. 

“The following [data leak site] will include the info of the Salesloft and GainSight campaigns,” the hackers informed DataBreaches.internet. The hackers declare to have stolen knowledge from near a thousand firms.

This knowledge breach seems much like an August breach at AI advertising chatbot maker Salesloft, which allowed the hackers to interrupt into a variety of their prospects’ related Salesforce cases to steal delicate knowledge, similar to entry tokens for different companies. Among the many victims included insurance coverage large Allianz Life, Bugcrowd, Cloudflare, Google, trend conglomerate Kering, Proofpoint, the airline Qantas, carmaker Stellantis, credit score bureau TransUnion, the worker administration platform Workday, and others. 

Within the case of the Salesloft breaches, the hacking group Scattered Lapsus$ Hunters, which apparently contains the ShinyHunters gang, claimed accountability. 

Final month, the hackers launched a devoted web site to extort the victims of the breaches, the place they threatened to launch a billion data. 

On the time, Gainsight confirmed it was among the many victims of the Salesloft-linked breaches, nevertheless it’s unclear if this new wave of hacks originated from its earlier compromise.