- Pandora notified its customers a data violation
- Computer pirates stole the names of people and email addresses
- Unfelt reports called Shinyhunters as perpetrators
The Pandora jewelry power has confirmed the suffering of a cyber attack that saw him lose confidential information of the client.
The company revealed the news in a data violation notification letter sent to the affected customers who said: “We are writing to inform him that Pandora has experienced a cyber security attack, where certain client information was accessed through a third party platform we use.
“We want to assure you that the attack has been arrested and, as a result, we have further strengthened our security measures.”
Brightness hunters
Pandora emphasized that “only very common types” of data were exfiltrated: email names and addresses. No passwords, credit card data and similar confidential data were taken.
The company also said that its research determined that the data has not yet been abused, but recommends users to stay attentive and track the email messages or online interactions that request their data.
“Therefore, we recommend that you do not click on links or download attachments from unknown sources,” he said.
The company did not say who the threat actors were, how they managed to access Pandora’s networks, or how many people were affected by this incident.
However Bleepingcomputer He states that the attack was probably Shinyhunters’ work that broke into Pandora’s Salesforce database.
According to the publication, Shinyhunters has been looking for a path in the corporate databases of Salesforce since January 2025 and has been using different social engineering and phishing tactics.
Apparently, one worked, and the brightness now say that “they will make a massive sale or a filtration” of companies that refuse to pay the rescue.
Salesforce, on the other hand, confirmed that his solutions were not compromised.
“Salesforce has not been compromised, and the problems described are not due to any known vulnerability on our platform. While Salesforce builds business degree security in everything we do, customers also play a fundamental role in maintaining their safe data, especially in the midst of an increase in sophisticated sophises and social engineering attacks,” Salesforce said to the publication.
