> The instance was used to store contact information and related notes for small and medium businesses. Analysis revealed that data was retrieved by the threat actor during a small window of time before the access was cut off. The data retrieved by the threat actor was confined to basic and largely publicly available business information, such as business names and contact details.
On the other side, giving how slow and cumbersome data extraction from enterprise software, may be they are saying that the hackers also didn't get that much and far.
This is generally what people try to steal out of Salesforce. I doubt it's as innocuous as that makes it sound, as they wouldn't bother if they couldn't make money off of it. I assume there is some secondary scheme, like fraudulent billing.
Having seen the AWS version of this type of data store, it's typically got information like billing account numbers, internal email addresses of stakeholders, customer notes about NDA'd strategy, and lists of bugs/feature requests the customer is interested.
Could totally see someone sending a message like "Hey, your TAM asked me to talk to you about $IMPORTANT_FEATURE_REQUEST, can you grant me read access in the account where you're developing $UPCOMING_SECRET_PROJECT so I can get some additional color?" It might even be enough to get someone on a conference call and pump them for MNPI about $UPCOMING_SECRET_PROJECT under the guise of ensuring that the feature request is helpful.
I despise communication like this: "it doesn't really matter, it was just a very very very small portion of users with uninteresting data, really, believe us!". Is it some kind of legal thing? Does an actual apology open them up for lawsuits or what?
> The instance was used to store contact information and related notes for small and medium businesses. Analysis revealed that data was retrieved by the threat actor during a small window of time before the access was cut off. The data retrieved by the threat actor was confined to basic and largely publicly available business information, such as business names and contact details.