{"id":756,"date":"2025-08-21T08:59:04","date_gmt":"2025-08-21T13:59:04","guid":{"rendered":"https:\/\/cmitsolutions.com\/brandon-lakeland-fl-1222\/?p=756"},"modified":"2025-08-25T14:36:21","modified_gmt":"2025-08-25T19:36:21","slug":"recent-data-breaches-aug-2025","status":"publish","type":"post","link":"https:\/\/cmitsolutions.com\/brandon-lakeland-fl-1222\/blog\/recent-data-breaches-aug-2025\/","title":{"rendered":"Recent Data Breaches: What They Mean for Your Business (Aug 2025)"},"content":{"rendered":"<p>Over the past few weeks, a wave of data breaches has put data security back on the front page. Several large brands confirmed exposure of contact or customer data tied to <strong>social engineering campaigns against CRM platforms<\/strong>, and a separate but widespread\u00a0<strong>third\u2011party software update defect<\/strong>\u00a0caused major operational outages worldwide. If global enterprises can be disrupted,\u00a0<em>local small and mid\u2011sized businesses<\/em>\u2014often with fewer controls\u2014are attractive targets, too.<\/p>\n<h2>What happened this month?<\/h2>\n<h3>1) Salesforce\u2011related data theft campaign (multiple brands)<\/h3>\n<p>Multiple companies reported theft of CRM data tied to sophisticated social engineering\/OAuth abuse\u2014activity linked by researchers to the threat actor \u201cShinyHunters\u201d\/UNC6040. Confirmed disclosures include Google and Pandora; industry coverage also names Allianz Life and others. These incidents generally involved\u00a0<strong>employee impersonation and malicious OAuth app authorization<\/strong>, not a Salesforce platform exploit.<\/p>\n<h3>2) Cisco.com user data exposed after a vishing attack<\/h3>\n<p>Cisco disclosed that a social\u2011engineering (voice phishing) scam led to access to a\u00a0<em>third\u2011party cloud CRM<\/em>\u00a0environment, exposing a subset of Cisco.com users\u2019 basic profile data (names, emails, phone numbers, etc.). While not highly sensitive, this information can fuel follow\u2011on phishing and impersonation attempts.<\/p>\n<h3>3) PBS employee contact data leaked on Discord<\/h3>\n<p>PBS confirmed that corporate contact information for ~4,000 employees\/affiliates was stolen from an internal service and later shared on Discord servers. Even \u201cbasic\u201d org charts and contact lists can accelerate targeted phishing and business email compromise (BEC) attacks.<\/p>\n<h3>4) CrowdStrike incident: a third\u2011party update outage (not a data breach)<\/h3>\n<p>A faulty content update to the CrowdStrike Falcon agent caused a global Windows outage in July 2024; Microsoft estimates ~8.5 million Windows devices were impacted. While\u00a0<strong>not<\/strong>\u00a0a breach, it\u2019s a powerful reminder that\u00a0<strong>vendor and update risks<\/strong>\u00a0can cripple operations\u2014especially for organizations without robust continuity plans.<\/p>\n<h2>Why small businesses should care<\/h2>\n<ul>\n<li><strong>Social engineering scales down.<\/strong>\u00a0Attackers don\u2019t need malware when they can trick an employee into authorizing a malicious app or sharing credentials.<\/li>\n<li><strong>\u201cBasic\u201d contact data fuels bigger scams.<\/strong>\u00a0Names, titles, and email formats make phishing much more convincing.<\/li>\n<li><strong>Third\u2011party risk is real.<\/strong>\u00a0Even when your own systems are clean, your vendors\u2019 mistakes can disrupt your operations.<\/li>\n<\/ul>\n<h2>5 steps you can take this week<\/h2>\n<ol>\n<li><strong>Lock down CRM &amp; cloud access.<\/strong>\u00a0Enforce MFA everywhere, review connected OAuth apps, and remove anything you don\u2019t recognize or no longer need.<\/li>\n<li><strong>Harden Microsoft 365 &amp; Google Workspace.<\/strong>\u00a0Enable conditional access, block legacy auth, monitor suspicious sign\u2011ins, and restrict external sharing.<\/li>\n<li><strong>Deploy Endpoint Protection\/EDR with 24\/7 monitoring.<\/strong>\u00a0Automated tools + human eyes reduce dwell time and stop lateral movement.<\/li>\n<li><strong>Backups you can actually restore.<\/strong>\u00a0Test recovery, keep offline\/immutable copies, and document an incident\u2011response checklist.<\/li>\n<li><strong>Run a phishing awareness refresher.<\/strong>\u00a0Short, realistic exercises (including voice\u2011phishing scenarios) can cut click\u2011throughs dramatically.<\/li>\n<\/ol>\n<h2>Need help right now?<\/h2>\n<p>If you use Salesforce, Microsoft 365, Google Workspace, or any third\u2011party cloud apps, a\u00a0<strong>quick posture check<\/strong>\u00a0can uncover easy fixes. We help Brandon\u2013Lakeland businesses put enterprise\u2011grade protections in place\u2014fast.<\/p>\n<p><strong>\ud83d\udce9 Contact CMIT Solutions Brandon\u2013Lakeland<\/strong><br \/>\n<a href=\"https:\/\/cmitsolutions.com\/brandon-lakeland-fl-1222\/contact-us\" target=\"_blank\" rel=\"noopener\">Request a consult<\/a>\u00a0\u00a0|\u00a0 mworlund@cmitsolutions.com \u00a0|\u00a0 (656) 220-2180<\/p>\n<h2>Sources<\/h2>\n<ul>\n<li><a href=\"https:\/\/www.axios.com\/2025\/08\/06\/google-shinyhunters-salesforce-data-breach\" target=\"_blank\" rel=\"noopener\">Axios \u2013 Google Salesforce breach<\/a><\/li>\n<li><a href=\"https:\/\/www.techradar.com\/pro\/security\/pandora-confirms-data-breach-customer-data-stolen-heres-what-we-know\" target=\"_blank\" rel=\"noopener\">TechRadar \u2013 Pandora breach<\/a><\/li>\n<li><a href=\"https:\/\/socradar.io\/salesforce-data-breach-affecting-multiple-companies\/\" target=\"_blank\" rel=\"noopener\">SOCRadar \u2013 Salesforce campaign<\/a><\/li>\n<li><a href=\"https:\/\/www.techmarketview.com\/ukhotviews\/archive\/2025\/08\/06\/retail-brands-fall-victim-to-salesforce-data-theft-campaign\" target=\"_blank\" rel=\"noopener\">TechMarketView \u2013 Retail victims<\/a><\/li>\n<li><a href=\"https:\/\/techcrunch.com\/2025\/08\/05\/hacker-used-a-voice-phishing-attack-to-steal-cisco-customers-personal-information\/\" target=\"_blank\" rel=\"noopener\">TechCrunch \u2013 Cisco breach<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/pbs-confirms-data-breach-after-employee-info-leaked-on-discord-servers\/\" target=\"_blank\" rel=\"noopener\">BleepingComputer \u2013 PBS breach<\/a><\/li>\n<li><a href=\"https:\/\/www.securityweek.com\/microsoft-says-8-5-million-windows-devices-impacted-by-crowdstrike-incident-publishes-recovery-tool\/\" target=\"_blank\" rel=\"noopener\">SecurityWeek \u2013 CrowdStrike outage<\/a><\/li>\n<li><a href=\"https:\/\/www.bbc.com\/news\/articles\/cpe3zgznwjno\" target=\"_blank\" rel=\"noopener\">BBC \u2013 CrowdStrike outage<\/a><\/li>\n<li><a href=\"https:\/\/www.techtarget.com\/searchsecurity\/news\/366596532\/Microsoft-Faulty-CrowdStrike-update-affected-85M-devices\" target=\"_blank\" rel=\"noopener\">TechTarget \u2013 CrowdStrike outage<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Over the past few weeks, a wave of data breaches has put&#8230;<\/p>\n","protected":false},"author":1051,"featured_media":709,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[19,18,17],"tags":[],"class_list":["post-756","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","category-data-backup","category-data-security"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cmitsolutions.com\/brandon-lakeland-fl-1222\/wp-json\/wp\/v2\/posts\/756","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cmitsolutions.com\/brandon-lakeland-fl-1222\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cmitsolutions.com\/brandon-lakeland-fl-1222\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cmitsolutions.com\/brandon-lakeland-fl-1222\/wp-json\/wp\/v2\/users\/1051"}],"replies":[{"embeddable":true,"href":"https:\/\/cmitsolutions.com\/brandon-lakeland-fl-1222\/wp-json\/wp\/v2\/comments?post=756"}],"version-history":[{"count":0,"href":"https:\/\/cmitsolutions.com\/brandon-lakeland-fl-1222\/wp-json\/wp\/v2\/posts\/756\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cmitsolutions.com\/brandon-lakeland-fl-1222\/wp-json\/wp\/v2\/media\/709"}],"wp:attachment":[{"href":"https:\/\/cmitsolutions.com\/brandon-lakeland-fl-1222\/wp-json\/wp\/v2\/media?parent=756"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cmitsolutions.com\/brandon-lakeland-fl-1222\/wp-json\/wp\/v2\/categories?post=756"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cmitsolutions.com\/brandon-lakeland-fl-1222\/wp-json\/wp\/v2\/tags?post=756"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}