ShinyHunters has added BCD Travel to its extortion site, claiming to have compromised more than 700,000 Salesforce records along with data allegedly obtained from multiple corporate SharePoint environments.
The travel management company was listed by the threat actor with a June 1 deadline to enter negotiations before the alleged data is released. The post also included a warning that additional “digital” problems could follow if an agreement is not reached.
BreachNews has not independently verified the authenticity of the claims or whether the alleged data was obtained from BCD Travel systems.
Salesforce data allegedly compromised
According to the threat actor, the alleged breach involves more than 700,000 Salesforce records as well as data taken from various corporate SharePoint sites.
No samples or technical evidence were publicly provided alongside the listing at the time of publication, making it difficult to assess the scope or nature of the purported compromise.
If authentic, access to Salesforce and SharePoint environments could potentially expose customer information, internal business records, operational data, documents, communications, and other sensitive corporate information depending on the systems affected.
Latest victim in ongoing ShinyHunters campaign
The claim follows a growing number of organizations recently added to ShinyHunters’ extortion platform as part of what appears to be an ongoing campaign targeting enterprise cloud services and business applications.
Recent victims named by the group have included Charter Communications, DentaQuest, and Baker Distributing, with some organizations later confirming security incidents while disputing the scope of the threat actor’s allegations.
BreachNews also recently reported on ShinyHunters’ claim that Charter Communications data was released following failed negotiations, highlighting the group’s continued use of pay-or-leak extortion tactics.
Travel sector could face operational risks
BCD Travel is one of the world’s largest corporate travel management companies, providing travel services and booking solutions to organizations across multiple industries.
Because the company handles corporate travel operations, booking information, and customer account data, any confirmed compromise could have implications for both business customers and travelers depending on the systems involved.
At this stage, however, the threat actor’s claims remain unverified and no evidence has been presented publicly to support the alleged record count.
BCD Travel had not issued any public statement regarding the claim at time of publication.
