Margi Murphy, Jake Bleiberg, and Brody Ford report:
Salesforce Inc. told customers Tuesday that it won’t pay a ransom demand from a hacker who claimed to have stolen a large amount of client data and threatened to publish it, according to an email seen by Bloomberg News.
The company said in a security notification that it had received “credible threat intelligence” indicating that a hacking group, known as ShinyHunters, was planning to share information stolen during a security incident earlier in the year involving a number of its customers, according to the email.
The incident involved the third-party app SalesLoft Inc., specifically its Drift app, which integrates with Salesforce to automate customer service interactions. The breach of the app resulted in the theft of data earlier this year from a number of organizations that use Salesforce.
Allen Tsai, a Salesforce spokesperson, said the company won’t engage, negotiate with or pay any extortion demand.
Read more at Bloomberg.