Skip to content

Shiny Trust Breach – Detailed Timeline

Incident ID: SIM-SHINY-2025-01
Date: [Insert Date]
Author: Marjean Mayo-Baker | GRC Simulation Architect

Event Timeline

08:47 – End user reports inability to access Salesforce data.
08:52 – Multiple failed SSO attempts observed across Google Workspace.
09:00 – SOC identifies anomalous token requests from unfamiliar IP ranges.
09:07 – Vendor escalation initiated with Salesforce.
09:15 – Discovery: OAuth tokens exposed due to misconfigured API trust.
09:22 – Adversary uses AI-assisted scripts to enumerate Salesforce objects.
09:30 – Suspicious data queries spike across Salesforce accounts.
09:45 – Session revocation initiated; residual trust relationships remain exploitable.
10:05 – Internal escalation to executive leadership.
10:30 – Draft Executive Breach Brief prepared for board-level review.
11:00 – Governance response: AI Risk Clause added to vendor contract templates.