Salesforce data breach linked to Tenable via Salesloft Drift
Briefly

"A recent Salesforce data breach involving the Salesloft Drift integration has affected multiple organizations, including cybersecurity company Tenable. The company confirmed that limited customer contact and support case data were exposed but emphasized that no core product data was compromised.

Scope of exposed information

Tenable reported that information accessed included names, email addresses, phone numbers, business regions, and details submitted through support case subject lines and descriptions. The company said core platform and product data were not impacted, according to its investigation and official disclosures."
"Investigators have tied the breach to an ongoing cyber campaign targeting organizations that use Salesforce with the Salesloft Drift marketing tool. Reports from outlets like CRN and Cybersecurity News note that attackers leveraged compromised OAuth tokens and credentials to extract sensitive data. Other affected companies reportedly include Palo Alto Networks, Zscaler, Cloudflare, Proofpoint, and CyberArk."
"Following its discovery of the breach, Tenable says it:

Revoked and rotated credentials for Salesforce and related services
Disabled and removed the Drift integration from its Salesforce environment
Hardened access controls across its SaaS infrastructure
Applied threat intelligence from Salesforce and third-party security researchers
Deployed continuous monitoring tools to detect further suspicious activity

Tenable stressed that its quick response was meant to reduce the risk of additional exposure."
A Salesforce-Salesloft Drift integration breach exposed limited customer contact and support case data at multiple organizations, including Tenable. Tenable reported that accessed information included names, email addresses, phone numbers, business regions, and details submitted in support case subject lines and descriptions, and stated that core platform and product data were not impacted. Investigations tied the incident to a campaign exploiting compromised OAuth tokens and credentials from Salesforce integrations. Other impacted vendors reportedly include Palo Alto Networks, Zscaler, Cloudflare, Proofpoint, and CyberArk. Tenable revoked and rotated credentials, removed the Drift integration, hardened access controls, applied threat intelligence, and deployed continuous monitoring to reduce further risk.
Read at App Developer Magazine