CyberSecurityBoard
Sponsor Register Login

Salesloft and Drift Expose Customer Authentication Tokens in Data Leak

Salesloft and Drift, two prominent sales engagement platforms, recently experienced a significant data leak involving customer authentication tokens. This incident has raised serious concerns about the security measures these companies have in place to protect sensitive customer data. The leak potentially exposed tokens that could allow unauthorized access to customer accounts, leading to risks such as data theft, account takeover, and further exploitation by malicious actors. The breach highlights the critical need for robust security protocols, including encryption, token management, and regular security audits, especially for platforms handling sensitive authentication credentials. Customers and organizations using these services are advised to review their security settings, monitor account activity, and implement multi-factor authentication where possible to mitigate risks. This event serves as a stark reminder of the vulnerabilities in cloud-based sales and marketing tools and the importance of continuous vigilance and improvement in cybersecurity practices. Companies must prioritize securing authentication mechanisms to maintain trust and protect their users from potential cyber threats.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 29 Aug 2025 12:30:19 +0000


Cyber News related to Salesloft and Drift Expose Customer Authentication Tokens in Data Leak

How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 year ago Aws.amazon.com
Salesloft confirms GitHub breach, Drift also impacted - Salesloft, a leading sales engagement platform, recently confirmed a security breach involving its GitHub repositories. The breach was discovered after suspicious activity was detected, leading to an investigation that revealed unauthorized access to ...
3 months ago Infosecurity-magazine.com
Adobe Real-Time CDP: Personalized Customer Experience - Adobe Experience Cloud Products like Adobe Real-Time CDP are available to assist. A revolutionary solution called Adobe Real-Time Customer Data Platform was created to assist companies in realizing the whole value of their customer data. Adobe ...
2 years ago Hackread.com
E-commerce Security: Protecting Customer Data - In today's digital landscape, ensuring the security of customer data in e-commerce is a crucial concern for businesses. Protecting e-commerce data security is a complex task that requires a comprehensive understanding of the challenges faced by ...
1 year ago Securityzap.com
Salesloft and Drift Expose Customer Authentication Tokens in Data Leak - Salesloft and Drift, two prominent sales engagement platforms, recently experienced a significant data leak involving customer authentication tokens. This incident has raised serious concerns about the security measures these companies have in place ...
3 months ago Cybersecuritynews.com
Cloudflare hit by data breach in SalesLoft, Drift supply chain attack - Cloudflare, a leading web infrastructure and security company, has recently been impacted by a significant data breach linked to a supply chain attack involving SalesLoft and Drift. This incident highlights the growing risks associated with ...
3 months ago Bleepingcomputer.com
Zscaler, Palo Alto Networks Breached in SalesLoft, Drift Attacks - Recent cyberattacks have targeted major cybersecurity companies Zscaler and Palo Alto Networks through breaches at SalesLoft and Drift, two prominent sales engagement platforms. These incidents highlight the increasing risk of supply chain attacks ...
3 months ago Darkreading.com
Elastic, SalesLoft, and Drift Confirm Security Incidents Impacting Customer Data - Recently, major tech companies Elastic, SalesLoft, and Drift disclosed security incidents that have raised concerns about customer data protection. These incidents involved unauthorized access to internal systems, potentially exposing sensitive ...
3 months ago Cybersecuritynews.com
Why Tokens Are Like Gold for Opportunistic Threat Actors - COMMENTARY. Authentication tokens aren't actual physical tokens, of course. Authentication tokens are an important part of cybersecurity. Which means that anyone with a token has a gold key to corporate systems - without requiring a multifactor ...
1 year ago Darkreading.com
Review: Top 5 For Outsourced Customer Service Solutions UK and Abroad - For companies that have too many phone calls and emails to keep up, it is very common to outsource your customer services, either domestically in the UK or abroad to the likes of India or The Philippines. An outsourced customer service firm can ...
1 year ago Itsecurityguru.org
Salesloft Breached After GitHub Account Compromise - Salesloft, a prominent sales engagement platform, recently disclosed a security breach resulting from a compromised GitHub account. The attackers gained unauthorized access to the company's internal systems by exploiting credentials linked to their ...
3 months ago Darkreading.com
Cloudflare Victimized in SalesLoft Data Breach - Cloudflare, a leading internet security and performance company, recently fell victim to a data breach through SalesLoft, a sales engagement platform. The breach exposed sensitive information, highlighting the risks associated with third-party ...
3 months ago Infosecurity-magazine.com
The Rise of Digital Customer Experience - Digital customer experience is a hot topic these days. In all seriousness, digital customer experience is one of the most important differentiators for your business. At its core, DCX is about the customer journey-a guided path for your customers to ...
2 years ago Feedpress.me
ShinyHunters claims 1.5 billion Salesforce records stolen in Drift hacks - In a significant cybersecurity incident, the hacking group ShinyHunters has claimed responsibility for stealing 1.5 billion Salesforce records through breaches involving the company Drift. This massive data breach highlights the increasing risks ...
3 months ago Bleepingcomputer.com ShinyHunters
Meta AI Models Cracked Open With Exposed API Tokens - Researchers recently were able to get full read and write access to Meta's Bloom, Meta-Llama, and Pythia large language model repositories in a troubling demonstration of the supply chain risks to organizations using these repositories to integrate ...
2 years ago Darkreading.com
Okta: Breach Affected All Customer Support Users - When KrebsOnSecurity broke the news on Oct. 20, 2023 that identity and authentication giant Okta had suffered a breach in its customer support department, Okta said the intrusion allowed hackers to steal sensitive data from fewer than one percent of ...
2 years ago Krebsonsecurity.com
SalesLoft, Drift Attacks' Blast Radius Uncertain - Recent cyberattacks targeting SalesLoft and Drift have raised concerns about the potential blast radius and impact on customers and partners. These attacks highlight the growing trend of supply chain and third-party vendor compromises, which can lead ...
3 months ago Darkreading.com
Salesloft breached to steal OAuth tokens for Salesforce data theft attacks - Salesloft, a sales engagement platform, suffered a security breach where attackers stole OAuth tokens to access Salesforce data. This incident highlights the increasing risks associated with OAuth token theft, which can lead to unauthorized access to ...
4 months ago Bleepingcomputer.com
Exposed Hugging Face API tokens jeopardized GenAI models - Lasso Security researchers discovered 1,681 Hugging Face API tokens exposed in code repositories, which left vendors such as Google, Meta, Microsoft and VMware open to potential supply chain attacks. In a blog post published Monday, Lasso Security ...
2 years ago Techtarget.com
The Irrefutable Case for Customer-Native DSPM - The counterpoint to these awful statistics is the emergence of data security posture management, which involves the continuous assessment, monitoring, and enhancement of an organization's data security. While some DSPM providers advocate traditional ...
1 year ago Securityboulevard.com
The Ongoing Fallout From a Breach at AI Chatbot Maker Salesloft | Krebs on Security - In September 2025, Salesloft, a prominent AI chatbot maker, suffered a significant data breach that has since led to ongoing fallout affecting its operations and customers. The breach exposed sensitive information, raising concerns about the security ...
3 months ago Krebsonsecurity.com
Zscaler data breach exposes customer info after SalesLoft, Drift compromise - Zscaler, a leading cloud security company, recently disclosed a data breach impacting its customers following compromises at SalesLoft and Drift, two prominent sales engagement platforms. The attackers exploited vulnerabilities in these third-party ...
3 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)