Google Threat Intelligence
-
Palo Alto Networks says Salesforce data exposed in breach tied to Salesloft Drift supply-chain attack
Palo Alto Networks disclosed a data breach linked to a broader Salesloft Drift supply-chain attack that exposed customer data in its Salesforce CRM. The incident involved OAuth token abuse, mass exfiltration of Salesforce records, and credential harvesting, prompting token revocation, Drift disablement, and guidance for customers to review logs and rotate secrets.
-
Zscaler confirms Salesforce data exposure tied to Salesloft Drift compromise amid wider Salesforce breach activity
Zscaler confirms a data breach tied to the Salesloft Drift supply-chain attack, exposing customer Salesforce data due to compromised Drift credentials. The company revoked Drift integrations, rotated tokens, and reinforced customer authentication while investigations continue; Google Threat Intelligence links UNC6395 to the broader campaign affecting Salesforce environments.
