"Salesforce refers to "unusual activity related to Gainsight applications." Initially, Gainsight appeared to be unaware of this when the tool's connection to the Salesforce platform was severed, according to the status page. Later, Gainsight also disappeared from the Hubspot Marketplace and Zendesk. Google's Mandiant security team has now been called in to conduct a forensic investigation. Gainsight confirms Salesforce's claim that there is no Salesforce vulnerability."
"Gainsight has over 1,000 customers, more than 200 of whom may have affected Salesforce instances. That is the finding of Google Threat Intelligence Group, as reported to CyberScoop. Salesloft Drift, the integration that caused problems in August, affected approximately 700 victims. Cloudflare, PagerDuty, Palo Alto Networks, and Zscaler were among those affected. This was a different leak than the wave of Salesforce data theft in the spring, which affected Adidas and Chanel , among others. Gainsight itself was also affected by the Salesloft leak."
In August Salesforce instances were compromised via a Salesloft integration that exposed customer data. A separate incident now involves Gainsight and its connector to Salesforce, prompting Salesforce to cite unusual activity related to Gainsight applications and to sever the connector as a precaution. Google Mandiant and other teams have been called in to perform a forensic investigation. Google Threat Intelligence Group reported that more than 200 Salesforce instances may be affected among Gainsight's 1,000+ customers. Exact victim identities remain unclear. Gainsight and Salesforce state that no underlying Salesforce platform vulnerability has been found.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]