Cloudflare was affected by a supply chain attack involving the exfiltration of OAuth tokens from Salesloft, impacting customer support data. The incident highlights vulnerabilities in third-party integrations that can lead to broader security breaches. #Salesloft #OAuthTokens
Keypoints
- Cloudflare experienced data exposure due to a third-party supply chain attack involving Salesloft.
- Hackers accessed customer support submissions containing sensitive information, including tokens and passwords.
- Salesloftβs security flaws contributed to credential leaks affecting organizations relying on its services.
- Cloudflare responded by rotating API tokens, notifying customers, and recommending disconnection from Salesloft.
- The incident underscores the risks of third-party service integrations in enterprise cybersecurity.
Read More: https://securityonline.info/cloudflare-confirms-supply-chain-attack-customer-support-data-exposed/