Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Just a single malicious email can poison your AI agent’s memory: resea...
VIDA Demonstrates How Passwordless Authentication Can Break the Scam C...
New AI jailbreak techniques expose limits of safety defenses, prompt i...
The cyber incident that is too “isolated” to accentuate to mass media...
Sparsa AI Launches Sovereign Enterprise AI Platform with Global Deploy...
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      S E Asia governments targeted by cyber-espionage group

      S E Asia governments targeted by cyber-espionage group

      Tuesday, June 23, 2026, 8:00 AM Asia/Singapore | Features
    • Featured

      Rethinking network and infrastructure design for resilience

      Rethinking network and infrastructure design for resilience

      Thursday, June 18, 2026, 2:17 PM Asia/Singapore | Features
    • Featured

      Bringing cybercriminals to justice in APAC

      Bringing cybercriminals to justice in APAC

      Thursday, June 11, 2026, 10:30 AM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • AWARDS 2026
  • Directory
  • E-Learning

Select Page

News

Global data theft campaign exploits misconfigured cloud portals to harvest massive troves of corporate records

By CybersecAsia editors | Thursday, March 12, 2026, 5:33 PM Asia/Singapore

Global data theft campaign exploits misconfigured cloud portals to harvest massive troves of corporate records

Attackers abuse guest access on CRM portals, chaining server actions and bypassing query limits to extract sensitive organizational data worldwide.

In what security experts say may be one of the largest data theft campaigns to date, hacking crew ShinyHunters has been implicated in exploiting weakly secured customer-relationship management (CRM) platform cloud portals to siphon vast troves of corporate data.

The attackers are said to be abusing public‑facing “guest” access on Salesforce Experience Cloud sites to run queries against back‑end Salesforce data without logging in, turning misconfigurations into a powerful entry point for mass data harvesting.

Investigators say the operation targets the /s/sfsites/aura API endpoint used by the CRM firm, which powers many customer and partner portals. ShinyHunters is reportedly using a modified version of an auditing utility, originally released to help administrators find access‑control flaws, to automatically scan the internet for exposed Experience Cloud implementations that grant guest users overly broad permissions. Then:

  • Once a vulnerable site is found, the group chains together large numbers of server‑side actions in single requests and manipulates query parameters to bypass record‑count limits, allowing them to pull tens or hundreds of thousands of records at a time.
  • The campaign builds on earlier hacking activity against Salesforce customers through compromised integrations and OAuth tokens, where attackers used stolen access to methodically export CRM data and mine it for credentials, cloud keys and other secrets.
  • Security researchers and industry information‑sharing groups say the latest wave has affected hundreds of organizations worldwide since late 2025, including scores of technology and cybersecurity companies that rely heavily on Salesforce for sales and support operations.

Salesforce, for its part, has insisted the incidents stem from customer configuration mistakes rather than a flaw in its core platform, framing the issue as one of access governance rather than software vulnerability. The firm has issued emergency guidance urging customers to:

  • lock down guest profiles
  • remove API access from unauthenticated users
  • set organization‑wide defaults to private
  • disable self‑registration on portals
  • closely monitor logs for unusually large or automated queries hitting Experience Cloud sites.

Researchers warn that any public portal exposing excessive data to guest users remains at risk until organizations complete thorough permission reviews and secret‑rotation efforts.

Share:

PreviousWhen AI adoption outpaces security, organizations struggle for collective safety
NextTXOne Networks Showcases TXOne Complete at S4x26, Advancing the Full OT Security Journey for Channel Partners

Related Posts

Five major cyber threats are being targeted at SMEs next year

Five major cyber threats are being targeted at SMEs next year

Thursday, December 15, 2022

Another year of GenAI dualities, social engineering and data security threats ahead

Another year of GenAI dualities, social engineering and data security threats ahead

Wednesday, December 27, 2023

Cafs: a guiding light for securing Australia’s charity sector

Cafs: a guiding light for securing Australia’s charity sector

Monday, December 4, 2023

APAC businesses focus on revenue, face higher fraud risk

APAC businesses focus on revenue, face higher fraud risk

Thursday, July 8, 2021

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Cyber threats have become more frequent and sophisticated, targeting organizations of all sizes across all …Download Whitepaper
  • Zero Trust Made Simple: Why it matters and how to get started

    Zero Trust Made Simple: Why it matters and how to get started

    Data breaches and cyberattacks are no longer limited to large, high-profile organizations.Download Whitepaper
  • Cloud Secure Edge: Remote access, better security

    Cloud Secure Edge: Remote access, better security

    ​SonicWall Cloud Secure Edge™ is a modern, cloud-native Security Service Edge (SSE) solution that addresses …Download Whitepaper
  • Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • How a Vietnamese D2C retailer built its own secure digital infrastructure

    How a Vietnamese D2C retailer built its own secure digital infrastructure

    Would your organization build your own digital infrastructure – including AI governance and cybersecurity – …Read more
  • Cyber protection for medical clinics in Singapore

    Cyber protection for medical clinics in Singapore

    As Singapore’s healthcare sector becomes increasingly digital and interconnected, clinics are facing heightened cyber risks, …Read more
  • India’s WazirX strengthens governance and digital asset security

    India’s WazirX strengthens governance and digital asset security

    Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
  • Bangladesh LGED modernizes communication while addressing data security concerns

    Bangladesh LGED modernizes communication while addressing data security concerns

    To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more

Bottom sidebar

Other News

  • VIDA Demonstrates How Passwordless Authentication Can Break the Scam Chain

    Monday, July 13, 2026
    KUALA LUMPUR, Malaysia, July 13, …Read More »
  • Sparsa AI Launches Sovereign Enterprise AI Platform with Global Deployment at QNET

    Wednesday, July 8, 2026
    The Sparsa AI Enterprise Operating …Read More »
  • Conifers AI Opens Singapore Data Region, Bringing Local Data Residency to Asia-Pacific Security Teams

    Wednesday, July 8, 2026
    With data regions now spanning …Read More »
  • DXC Opens Flagship AI-first Customer Experience Center in Bengaluru

    Tuesday, July 7, 2026
    Strengthens DXC’s India presence with …Read More »
  • D-Link Brings Advanced AI Fall Detection and Privacy Protection to Home Elderly Care with the New DCS-8610 Wi-Fi Camera

    Monday, July 6, 2026
    Advanced technologies traditionally found in …Read More »
  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2026 CybersecAsia All Rights Reserved.