Data Breaches on the Rise: Why Salesforce Security Matters

CRM Security & Risk

Data Breaches on the Rise: Why Salesforce Security Matters

CRM Security & Risk
Q3 2025
blog

The Growing Threat Landscape

Data breaches are on the rise, in particular on CRMs. AppGenie is the APAC specialist in DigitSec, a SaaS tool specifically focused on Salesforce code quality and security scanning. We also offer scans as a turnkey managed service. Contact us to register interest.

Beyond Qantas, several Australian government agencies, universities, and businesses have had Salesforce-related exposures, though many weren’t publicly disclosed or were handled through privacy breach notifications rather than public announcements.

Many organisations don’t publicly disclose Salesforce-specific breaches, often reporting them as general “CRM system” or “customer database” incidents. The actual number is likely much higher than what’s publicly known, particularly for smaller organisations and those in regulated industries that handle breaches through private notification processes.

Common Exposure Types

Misconfigured Salesforce Communities/Sites leading to public data exposure
Social engineering attacks targeting Salesforce admins
Third-party integration vulnerabilities
Inadequate access controls on Salesforce orgs
Compromised credentials leading to data exfiltration

Recent 2025 ShinyHunters Campaign

Qantas Airways (Australia) – 5.7 million customers affected
Google – Ads customer data exposed
Pandora – Customer data breach
Allianz Life – Insurance customer data
Louis Vuitton (LVMH) – Customer databases
Dior (LVMH) – Part of coordinated attack
Tiffany & Co. (LVMH) – Luxury brand customers
Adidas – Athletic brand customer data

Major Corporate Breaches

Toyota – Customer service data exposed through Salesforce misconfiguration
Sears Holdings – Customer data through compromised Salesforce instance
Staples – Business customer information exposed
American Red Cross – Donor and volunteer data breach
YMCA – Member information exposed through Salesforce
Various municipalities and government agencies – Multiple smaller breaches reported

Notable Patterns

Healthcare organisations – Multiple hospitals and medical groups
Financial services firms – Several banks and credit unions affected
Educational institutions – Universities and school districts with exposed student data
Non-profit organisations – Charity and advocacy groups with donor information exposed

Latest: Workday Breach (August 2025)

Workday recently disclosed a data breach via a compromised third-party CRM platform, linked to a broader social engineering wave involving ShinyHunters. Exposed data—including names, email addresses, and phone numbers—did not include customer tenant or internal data.