BeyondMachines :verified:@beyondmachines1@infosec.exchange
Pandora Jewelry confirms data breach caused by third-party platform attack
Pandora confirmed a data breach affecting customer data after threat actors linked to the ShinyHunters group used voice phishing to trick employees into authorizing a malicious OAuth application to the company's Salesforce database. The attack is part of an ongoing campaign targeting major companies' Salesforce instances through social engineering tactics that impersonate IT support staff.
****
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/pandora-jewelry-confirms-data-breach-caused-by-third-party-platform-attack-k-a-m-s-w/gD2P6Ple2L