Zscaler experienced a major data breach due to a supply-chain attack on its third-party vendor, Salesloft, leading to the exposure of sensitive customer information. The incident involved the theft of OAuth tokens from Salesloft’s Drift platform, allowing unauthorized access to Zscaler’s Salesforce environment. #SupplyChainAttack #OAuthTokenTheft
Keypoints
- The breach was caused by a compromise of Salesloft’s Drift platform used by Zscaler.
- Threat actors identified as UNC6395 exploited stolen OAuth tokens for access.
- The attackers accessed Zscaler’s Salesforce environment and exfiltrated customer data.
- Shared information included names, email addresses, job titles, and regional details.
- Zscaler responded by revoking integrations, rotating API tokens, and enhancing security measures.
Read More: https://dailydarkweb.net/zscaler-customer-data-allegedly-exposed-via-salesloft-supply-chain-attack/