The Salesloft Drift victim list keeps growing: Zscaler is the latest to confirm a breach, warning customers to remain wary of follow-up phishing attacks
Briefly

The Salesloft Drift victim list keeps growing: Zscaler is the latest to confirm a breach, warning customers to remain wary of follow-up phishing attacks
"Cloud security firm Zscaler is latest organization to disclose that it's been hit by a data breach linked to the recent Salesloft Drift attacks. The incident, like many others, involved the theft of OAuth tokens connected to Salesloft Drift, a third-party application used for automating sales workflows that integrates with Salesforce databases to manage leads and contact information. "As part of this campaign, unauthorized actors gained access to Salesloft Drift credentials of its customers including Zscaler," the company said in an advisory."
"Data accessed in the breach consisted of publicly available details for points of contact, along with specific Salesforce-related content. This included names, business email addresses, job titles, phone numbers, location details, Zscaler product licensing and commercial information, and plain text content from certain support cases, although this didn't include attachments, files, or images. "After extensive investigation, Zscaler has currently found no evidence to suggest misuse of this information," said the firm."
Zscaler suffered limited Salesforce access after OAuth tokens tied to Salesloft Drift were stolen. Stolen credentials permitted access to publicly available contact points and specific Salesforce-related records. Exposed content included names, business emails, job titles, phone numbers, location details, product licensing, commercial information, and plain-text support-case content; attachments, files, and images were not accessed. Zscaler reports no current evidence of data misuse. The company revoked Salesloft Drift access, rotated API tokens, launched a detailed investigation with Salesforce, and implemented extra safeguards, stronger vendor risk reviews, and enhanced customer authentication to reduce phishing and future risk.
Read at IT Pro
Unable to calculate read time
[
|
]