#oauth-token-theft

[ follow ]
#unc6395 #salesforce-breach #salesloft-drift #salesforce #salesloft-breach #salesforce-data-exfiltration
Information security
fromThe Hacker News
2 days ago

Salesloft Takes Drift Offline After OAuth Token Theft Hits Hundreds of Organizations

Salesloft is temporarily taking Drift offline after a supply-chain attack stole authentication tokens, potentially compromising platforms integrated with Drift.
Information security
fromIT Pro
3 days ago

The Salesloft Drift victim list keeps growing: Zscaler is the latest to confirm a breach, warning customers to remain wary of follow-up phishing attacks

Zscaler experienced a Salesforce data exposure after Salesloft Drift OAuth token theft, allowing limited access to contact details and Salesforce-related commercial information.
Information security
fromThe Hacker News
1 week ago

Google Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrations

All Salesloft Drift integrations and stored authentication tokens are potentially compromised, enabling attackers to access Salesforce instances and Google Workspace accounts via stolen OAuth tokens.
Information security
fromTheregister
1 week ago

Google links Salesforce data thefts to Salesloft breach

Attackers stole OAuth tokens from the Drift app used by Salesloft to access Salesforce databases and exfiltrate sensitive credentials and customer records.
#salesloft-breach
more#salesloft-breach
[ Load more ]