Google has confirmed that hackers have stolen Salesforce data from over 200 companies in a major supply chain attack.

On Thursday, Salesforce revealed that “certain customers’ Salesforce data” had been compromised, though it did not disclose the affected companies, through apps released by Gainsight, a provider of customer support platforms to businesses.

In a statement, the principal threat analyst at Google Threat Intelligence Group,
Austin Larsen, said the company “is aware of more than 200 potentially affected Salesforce instances.”

Following Salesforce’s breach announcement, the notorious hacking collective Scattered Lapsus$ Hunters, which includes the ShinyHunters gang, claimed responsibility for the attacks in a Telegram channel viewed by TechCrunch.

The group stated that its hacks targeted companies including Atlassian, CrowdStrike, DocuSign, F5, GitLab, LinkedIn, Malwarebytes, SonicWall, Thomson Reuters, and Verizon.

Google declined to comment on specific victims.