JD Supra

Salesforce Users: Organizations Using the Salesloft Drift AI Chat Agent with Salesforce Must Check Their Presence for Compromise

Salesloft issued a security notification on August 26 regarding its Drift application. It appears to be a broad opportunistic attack on Salesloft/Drift instances integrated with Salesforce tenants.
Bleeping Computer

Salesloft: March GitHub repo breach led to Salesforce data theft attacks

Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in widespread Salesforce data theft attacks in August. Salesloft is a widely ...
Bleeping Computer

Zscaler data breach exposes customer info after Salesloft Drift compromise

Cybersecurity company Zscaler warns it suffered a data breach after threat actors gained access to its Salesforce instance and stole customer information, including the contents of support cases. This ...
Krebs on Security

The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft

The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many ...
Dark Reading

Blast Radius of Salesloft Drift Attacks Remains Uncertain

As more customers disclose data breaches resulting from the Salesloft Drift supply-chain attack, questions remain about how severe these breaches are and how bad they're going to get. Last month, ...
TechRepublic

Google Identifies ‘Widespread Data Theft’ Impacting Salesforce-Salesloft Drift Users

Google Threat Intelligence Group shared its findings about a threat actor responsible for stealing Salesforce customer data via Salesloft Drift. A previously unidentified threat actor, UNC6395, has ...
Hosted on MSN

Salesforce data missing? It might be due to Salesloft breach, Google says

Attackers steal OAuth tokens to access third-party sales platform, then CRM data in 'widespread campaign' UPDATE Google says a recent spate of Salesforce-related breaches was caused by attackers ...
Infosecurity-magazine.com

Salesloft: GitHub Account Breach Was Ground Zero in Drift Campaign

A major data theft campaign targeting Salesforce data via the Salesloft Drift app began after threat actors compromised a key GitHub account, Salesloft has revealed. The sales engagement firm said in ...
TechCrunch

Salesloft says Drift customer data thefts linked to March GitHub account hack

Salesloft said a breach of its GitHub account in March allowed hackers to steal authentication tokens that were later used in a mass-hack targeting several of its Big Tech customers. Citing an ...
Hosted on MSN

Hackers claim they stole 1.5 billion Salesforce records from hundreds of companies in major hack - but are they telling the truth?

ShinyHunters claim theft of 1.5 billion records from 760 global companies Attackers exploited GitHub secrets to access sensitive Salesforce object tables FBI issued warnings as hacker groups announced ...
JD Supra

UPDATE: Organizations Using the Salesloft Drift AI Chat Agent Must Check It for Compromise

On August 28th, Mandiant issued an update to its previous Salesloft Drift advisory. Therein, Mandiant discussed that Salesloft issued a security notification on Aug. 26 regarding its Drift application ...