#oauth-token-theft

[ follow ]
Information security
fromThe Hacker News
3 days ago

Google Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrations

All Salesloft Drift integrations and stored authentication tokens are potentially compromised, enabling attackers to access Salesforce instances and Google Workspace accounts via stolen OAuth tokens.
fromTheregister
5 days ago

Google links Salesforce data thefts to Salesloft breach

Attackers stole OAuth tokens from the Drift app used by Salesloft to access Salesforce databases and exfiltrate sensitive credentials and customer records.
#salesloft-breach
fromTechzine Global
5 days ago
Information security

Hackers steal Salesforce data via Salesloft integration

Hackers exploited the Salesloft–Drift–Salesforce integration to steal OAuth and refresh tokens, gaining access to customer data including AWS keys and passwords.
fromDataBreaches.Net
5 days ago
Information security

Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks - DataBreaches.Net

Threat actors stole Drift OAuth and refresh tokens via Salesloft's SalesDrift, pivoting into Salesforce environments to exfiltrate credentials and cloud access keys.
[ Load more ]