Is this email difficult to read? View it in a web browser. ›
The Wall Street Journal ProThe Wall Street Journal Pro

CybersecurityCybersecurity

Sponsored by Zscaler logo.

Salesforce Customers Deal With Continuing Extortion After Data Breach

By Kim S. Nash
 

Welcome back. A hack of a Salesforce supplier over the summer continues to ripple out to Salesforce customers.

Qantas Airways on Sunday acknowledged that passenger data was published online. The disclosure comes after the hacker group threatened publication unless Salesforce paid a ransom—which the company has refused to do.

The Federal Bureau of Investigation and its counterparts in France have seized the hackers' extortion website, Bleeping Computer reported.

The attackers are suspected of accessing Salesforce customer data by exploiting third-party add-on software from a company called Salesloft. 

Qantas, which previously said about 5.7 million flyers had their data compromised, is one of a few dozen companies caught up in the campaign. The airline said it is working with Australian law enforcement and cyber agencies to investigate.

More news below.
 

‏‏‎ ‎
CONTENT FROM: ZSCALER
Act Now: Protect Against Cisco ASA Zero-Day Threat!

According to CISA’s Emergency Directive, Zero Day vulnerabilities in Cisco ASA firewalls and VPNs are being actively exploited, posing severe risks to enterprises. In reality, all VPNs and firewalls represent significant risk as attackers use AI to scan and exploit these exposed legacy devices, bypass authentication, and launch sophisticated attacks. Act now to secure your business.

Zero-day protection starts with zero trust architecture.

 

More Cyber News

PHOTO: SEBASTIAN SCHEINER/ASSOCIATED PRESS

U.S. money: American investors have bought a majority stake in troubled Israeli spyware company NSO Group. The company declined to say how much was invested or who the people are. The U.S. in 2021 added NSO Group to its entities list of banned organizations amid accusations of the company targeting American officials with spyware. (TechCrunch)

Russia is behind a surge in cyberattacks on Polish critical infrastructure, according to Poland's minister for digital affairs. About 170,000 attempted hacks have been detected this year, through September, on water, energy and other critical services, said Krzysztof Gawkowski. (Reuters)

SimonMed, a Scottsdale, Ariz.-based company that provides mammograms, MRIs and other medical imaging tests, said more than 1.2 million patients had their personal information exposed in a January cyberattack. 

  • The hack originated at an unnamed business partner and spread to SimonMed. An investigation later determined that there was "unauthorized access to our systems" between Jan. 21 and Feb. 5, SimonMed said.  
  • The company then took several steps to improve its cybersecurity, it said, including implementing endpoint detection and monitoring, removing all third-party direct access to its systems and limiting traffic to white-listed entities.
Up to $2 million

Amount that Apple now offers bug bounty hunters who uncover complex exploit chains that can be used to take over devices. Under a new bounty program, that's double Apple's previous top award. (SecurityWeek)
 

About Us

The WSJ Pro Cybersecurity team is Deputy Bureau Chief Kim S. Nash and reporters Angus Loten, James Rundle and Catherine Stupp. Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.

 
Share this email with a friend.
Forward ›
Forwarded this email by a friend?
Sign Up Here ›
 
Desktop, tablet and mobile. Desktop, tablet and mobile.
Access WSJ‌.com and our mobile apps. Subscribe
Apple app store icon. Google app store icon.
Unsubscribe   |    Newsletters & Alerts   |    Contact Us   |    Privacy Notice   |    Cookie Notice
Dow Jones & Company, Inc. 4300 U.S. Ro‌ute 1 No‌rth Monm‌outh Junc‌tion, N‌J 088‌52
You are currently subscribed as [email address suppressed]. For further assistance, please contact Customer Service at pro‌newsletter@dowjones.com or 1-87‌7-975-6246.
Copyright 2025 Dow Jones & Company, Inc.   |   All Rights Reserved.
Unsubscribe