Cloudflare Joins List of Salesloft Drift Breach Victims
bankinfosecurityFull Breach Scope Remains Unclear; Hundreds of Organizations Reportedly Affected Mathew J. Schwartz (euroinfosec) • September 3, 2025
A rash of data breaches caused by hackers' theft of access tokens from marketing-as-a-service software provider Salesloft's Drift artificial intelligence chat agent now also includes Cloudflare, alongside what investigators say are many hundreds victims looted for customer data.
See Also: OnDemand | Transform API Security with Unmatched Discovery and Defense
Cloudflare on Tuesday said the attacker who perpetrated the breach against Salesloft last month stole OAuth access tokens used to access Cloudflare's Salesforce customer relationship management instance and steal data.
The attacker also breached Salesforce instances for Salesloft customers Zscaler and Palo Alto Networks, which respectively issued their own security alerts to customers on Saturday and Monday. All of the firms said Salesloft warned them last week of the breach and follow-up attacks.
Investigators at Google Cloud's Mandiant incident ...
Copyright of this story solely belongs to bankinfosecurity . To see the full text click HERE