Cloudflare has been affected by a recent supply-chain attack linked to Salesloft Drift breaches, resulting in the exposure of customer support data and API tokens. Threat actors targeted Salesforce instances to steal customer information and credentials, raising concerns about future targeted attacks. #Salesloft #Drift #Salesforce #Cloudflare
Keypoints
- The attack compromised Cloudflareβs Salesforce case management system, exposing 104 API tokens.
- Threat actors stole only text-based support case data between August 12 and 17.
- The breach is part of a broader campaign involving the theft of customer data from multiple organizations.
- Attackers are actively looking for secrets like AWS keys, VPN credentials, and passwords within stolen data.
- Security experts suspect the threat actors aim to use the collected information for future targeted attacks.