
ShinyHunters' CRM Heist
From State of Cybercrime by Varonis, Matt Radolec, David Gibson
August 18, 2025 · 26 min · Season 3 · Episode 28
About this episode
This episode discusses how ShinyHunters executed a major CRM-focused attack on prominent companies using Salesforce without exploiting software vulnerabilities.
One phone call was all it took for ShinyHunters to breach some of the world's biggest brands. By exploiting Salesforce to infiltrate Google, Cisco, and many others, this group has shown just how vulnerable organizations can be when well-known SaaS platforms become the attack vector. In this special State of Cybercrime episode, Matt and David break down how ShinyHunters pulled off one of the largest CRM–focused attacks of the year without exploiting a single software vulnerability.
People in this episode
Hosts: Matt Radolec, David Gibson
Topics covered
- cybercrime
- SaaS vulnerabilities
- CRM attacks
- data breach
- cybersecurity
Keywords
- ShinyHunters
- Salesforce
- Cisco
- CRM attack
- cybersecurity
- data breach
Mentioned in this episode
Organizations: ShinyHunters, Salesforce, Google, Cisco
More episodes of State of Cybercrime
- The Canvas Breach · May 19, 2026 · 30 min
- The Axios Supply Chain Attack · April 10, 2026 · 43 min
- Salesforce Aura Data Theft · March 20, 2026 · 30 min
- OpenClaw & Moltbook (w/ Moriah Hara!) · February 14, 2026 · 43 min
- The React2Shell Crisis · December 15, 2025 · 23 min
- AI-Powered Espionage · November 24, 2025 · 24 min
Explore listener stats, chart rankings, contacts and more on the State of Cybercrime podcast page.