Salesforce appears in the ShinyHunters Charter Communications breach (SCC-DBR-2026-0142) as the data exfiltration target: compromised Microsoft Entra credentials were used to authenticate to Charter’s Salesforce CRM environment and bulk-export approximately 4.9 million customer PII records. No Salesforce software vulnerability was exploited; the breach succeeded because of authentication control gaps upstream of Salesforce and insufficient data access governance within the platform.