Skip to content
  • Blog Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form

More Cybersecurity Firms Hit by Salesforce-Salesloft Drift Breach

Posted on September 5, 2025September 5, 2025 By CWS

Cybersecurity companies Proofpoint, SpyCloud, Tanium, and Tenable have confirmed that data of their Salesforce cases was compromised as a part of the current Salesforce–Salesloft Drift assault.

The marketing campaign was publicly disclosed on August 26, when Google’s risk intelligence staff reported {that a} risk actor tracked as UNC6395 exported giant volumes of knowledge utilizing compromised OAuth tokens for the third-party AI chatbot Salesloft Drift.

The attackers, Google mentioned, exploited the Salesforce-Salesloft Drift integration to steal information pertaining to a whole bunch of organizations, concentrating on delicate data equivalent to AWS entry keys, passwords, and Snowflake-related entry tokens.

Initially believed to solely affect organizations that used the Drift integration, the marketing campaign was later discovered to have affected different Salesforce clients as effectively.

On August 28, Google revealed that Workspace clients had been affected, and safety companies Cloudflare, Palo Alto Networks, and Zscaler disclosed affect as effectively shortly after.

General, the assault is estimated to have hit over 700 organizations, and Proofpoint, SpyCloud, Tanium, and Tenable have confirmed being affected.

Proofpoint revealed that the attackers accessed its Salesforce tenant by the compromised Drift integration, and that they considered sure data saved in it.

“At the moment, there is no such thing as a proof that this provide chain incident affected Proofpoint’s software program, companies, safety merchandise, customer-protected information, or inner company community,” the corporate mentioned.Commercial. Scroll to proceed studying.

SpyCloud, which was beforehand a Salesloft Drift buyer, introduced that normal buyer relationship administration fields had been compromised within the assault.

“Client information just isn’t believed to have been accessed. We notified our clients final week that information referring to their relationship with SpyCloud was uncovered by this Salesloft Drift incident,” SpyCloud mentioned.

Tanium confirmed that the attackers exploited the Salesloft Drift integration to entry information in its Salesforce occasion, and that data equivalent to names, electronic mail addresses, cellphone numbers, and area/location references was compromised.

“We are able to verify definitively that unauthorized entry was restricted to our Salesforce information and no entry to the Tanium platform or another inner methods or sources happened,” Tanium famous.

Tenable revealed that assist case data, together with topic strains, preliminary descriptions, and enterprise contact particulars, equivalent to names, cellphone numbers, enterprise electronic mail addresses, and regional/location references, was compromised within the assault.

The corporate additionally famous that it had no proof that the stolen data had been misused, including that it took all the mandatory steps to deal with the problem, together with rotating credentials, eradicating the appliance, securing its methods, and monitoring the Salesforce occasion.

Associated: Impostor Makes use of AI to Impersonate Rubio and Contact International and US Officers

Associated: Easy methods to Implement Impactful Safety Benchmarks for Software program Growth Groups

Associated: The AI Conference: Lofty Objectives, Authorized Loopholes, and Nationwide Safety Caveats

Associated: Attaining “Frictionless Protection” within the Age of Hybrid Networks

Security Week News Tags:Breach, Cybersecurity, Drift, Firms, Hit, SalesforceSalesloft

Post navigation

Previous Post: Automation Is Redefining Pentest Delivery
Next Post: Hackers Use AI Platforms to Steal Microsoft 365 Credentials in Phishing Campaign

Related Posts

Spiking Neural Networks: Brain-Inspired Chips That Could Keep Your Data Safe Security Week News
SonicWall Prompts Password Resets After Hackers Obtain Firewall Configurations Security Week News
Hackers Inject Malware Into Gravity Forms WordPress Plugin  Security Week News
Settlement Reached in Investors’ Lawsuit Against Meta CEO Mark Zuckerberg and Other Company Leaders Security Week News
Sophisticated Malware Deployed in Oracle EBS Zero-Day Attacks Security Week News
Compyl Raises $12 Million for GRC Platform Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Critical Argument Injection Vulnerability in Popular AI Agents Let Attackers Execute Remote Code
  • TARmageddon Flaw in Popular Rust Library Leads to RCE
  • New Tykit Phishing Kit Mimics Microsoft 365 Login Pages to Steal Corporate Account Credentials
  • Critical Vulnerabilities Patched in TP-Link’s Omada Gateways
  • Multiple Gitlab Security Vulnerabilities Let Attackers Trigger DoS Condition

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Critical Argument Injection Vulnerability in Popular AI Agents Let Attackers Execute Remote Code
  • TARmageddon Flaw in Popular Rust Library Leads to RCE
  • New Tykit Phishing Kit Mimics Microsoft 365 Login Pages to Steal Corporate Account Credentials
  • Critical Vulnerabilities Patched in TP-Link’s Omada Gateways
  • Multiple Gitlab Security Vulnerabilities Let Attackers Trigger DoS Condition

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News