Gainsight CEO Chuck Ganapathi downplayed the victim count related to his company's recent breach, saying he's only aware of "a handful of customers" who had their data affected after Salesforce flagged unusual activity involving Gainsight's connected app.

This contradicts what Google Threat Intelligence Group principal analyst Austin Larsen told The Register last week: "GTIG is aware of more than 200 potentially affected Salesforce instances." Larsen also said ShinyHunters was "likely" behind the digital intrusion, which the extortion crew later confirmed to The Register .

Google's Mandiant incident response team is assisting with the forensic investigation related to the breach.

Salesforce first disclosed the suspicious activity on November 19, and in response, revoked all access and r

See Full Page