Pandora (Partial) Breach

The incident is one of several breaches affecting Salesforce in 2025. A group calling itself "Scattered LAPSUS$ Hunters" released a limited sample of the stolen database on October 3, 2025. The records have since been indexed and anonymized in our search engine.

According to the attackers, the full dataset is scheduled for release on October 10, 2025.

Data found in hackers’ sample -

🧍 Personal Information

• Full name - ✅ Present
• Gender - ⛔ Empty
• Birthdate - ⛔ Empty
• Title / salutation - ⛔ Empty

📧 Contact Information

• Email address - ✅ Present
• Mobile phone number - ⛔ Empty
• Home / primary phone number - ✅ Present
• Mailing address - ✅ Present (partial; present for one record)
• Shipping address - ✅ Present (city, state, postal code, street, country)
• Country - ✅ Present (“Canada”)
• Latitude / longitude - ⛔ Empty

🏢 Account / CRM Data

• Account name - ✅ Present
• Currency - ✅ Present (“USD”)
• Description - ⛔ Empty
• Source system identifier - ⛔ Empty
• Account type - ✅ Present (PersonAccount flag true)
• Partner / portal flags - ✅ Present (false)
• Channel program fields - ⛔ Empty
• Last activity date - ✅ Present
• Account / contact linkage - ✅ Present

💬 Marketing & Communication

• Opt-in / opt-out flags - ⛔ Empty
• Marketing channel data - ⛔ Empty

⚙️ System Metadata

• Record timestamps (activity, view, reference dates) - ✅ Present
• CurrencyIsoCode - ✅ Present
• System IDs / record ownership - ⛔ Empty
• Country code / state code - ✅ Present