The renowned Danish jewelry company Pandora has confirmed a security breach that exposed customer data following a cyberattack that compromised a third-party platform,, specifically its Salesforce environment.. The company has communicated that unauthorized access was stopped and that its security measures have been reinforced..
From the incident, it appears that cybercriminals accessed only basic customer information — such as names,, email addresses, and dates of birth — while more sensitive data, such as passwords or financial information, remains intact.. Everything indicates that the ShinyHunters group is behind this attack., that has managed to infiltrate through phishing techniques and OAuth manipulation in multiple organizations using Salesforce.
Security experts have warned that such incidents are on the rise within the retail sector. They comment that although the exposed data may seem “harmless”, it is valuable for targeted phishing campaigns. In addition, they have observed an increase in 58 % incidents related to ransomware in the second quarter of 2025, data that reflects a latent and growing threat to companies.
Salesforce, for its part, has clarified that its platform has not been breached and that the origin of the incident lies in security failures in clients, not in the central system. That is why, urges its users to adopt better protection practices, how to enable multi-factor authentication (MFA), apply the principle of least privilege and strictly control connected applications.
Fountain: BleepingComputer
Image: Mb01021999, CC BY-SA 4.0, via Wikimedia Commons
