The recent supply-chain attack on Salesloft’s Drift platform has resulted in data breaches at prominent cybersecurity firms Cloudflare and Palo Alto Networks, exposing sensitive customer data. This incident highlights the growing risks associated with third-party integrations in supply-chain attacks. #UNC6395 #SalesloftBreach
Keypoints
- The attack exploited compromised OAuth tokens from Salesloft’s Drift platform to access Salesforce data.
- Cloudflare’s exposed data includes customer contact details and support case information, potentially containing API tokens and passwords.
- Palo Alto Networks reported exposure of business contacts and some support case details, with core services unaffected.
- Both companies have revoked compromised credentials and are notifying affected customers to mitigate impacts.
- The breach underscores the threat posed by threat actors exploiting supply-chain vulnerabilities in third-party platforms.