#oauth-tokens

[ follow ]
#salesforce #data-breach #salesloft #drift #lawsuits #identity-theft #data-exfiltration #unc6395
Privacy professionals
fromTheregister
7 hours ago

Salesforce faces class action after Salesloft breach

Salesforce faces multiple lawsuits alleging inadequate security after a cyberattack exposed customer data and increased identity-theft risk, with plaintiffs seeking damages and injunctive relief.
fromTechzine Global
2 weeks ago

How one Salesloft account led to a cavalcade of data breaches

From March to June 2025, a cyber attacker was able to snoop around in Salesloft's GitHub account. This resulted in the theft of tokens that link Drift, Salesloft's sales platform, to Salesforce environments. As a result, large companies fell victim to one data breach after another this summer. As an intruder in Salesloft's GitHub account, the attacker was able to download the contents of various repositories, add a guest user, and set up workflows.
Information security
Information security
fromThe Hacker News
1 month ago

Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data

Hackers breached Salesloft to steal Drift OAuth and refresh tokens, enabling exfiltration of Salesforce data and credentials from multiple corporate instances.
[ Load more ]