Salesloft Drift Breach Traced to GitHub Compromise and Stolen OAuth Tokens
hackread.comSalesloft Drift breach traced to GitHub compromise and stolen OAuth tokens, Mandiant confirms breach contained and Salesforce data targeted.
Heard about the recent data breaches where attackers used the Salesloft Drift application to access Salesforce data? There’s now a major update. The company has provided new details about the recent security incident involving its Drift application, confirming that the breach has been contained and customer protections are in place.
The company brought in Google-owned cybersecurity firm Mandiant on August 28 to lead an investigation into the compromise. The scope of the engagement included identifying the root cause, assessing the damage, and validating that Salesloft’s core environment remained secure.
GitHub Access Preceded the Breach
Salesloft’s advisory detailing Mandiant’s findings published today shows that the attacker gained access to a Salesloft GitHub account between March and June 2025. During this period, they downloaded content from several private repositories ...
Copyright of this story solely belongs to hackread.com . To see the full text click HERE