Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

Salesloft Drift Attacks Hits Vendors

September 4, 2025
Reading Time: 3 mins read
in Incidents
Salesloft Drift Attacks Hits Vendors

The ongoing cyberattack, which originated at Salesloft Drift, has ensnared multiple technology companies, including Cloudflare, PagerDuty, Palo Alto Networks, and SpyCloud. Victim organizations continue to be identified as they search for evidence of compromise or receive official notices from Salesloft and other firms involved in the response and recovery efforts. Although Salesloft initially claimed the exposure was limited to customers with Salesforce integrations, Google Threat Intelligence Group and Mandiant Consulting, a firm now assisting Salesloft, have stated that any platform integrated with Drift is potentially at risk. The exact method by which the threat group, known as UNC6395, gained initial access to Salesloft Drift remains unconfirmed by the company.

Salesloft has decided to take the Drift platform offline to expedite a comprehensive review and bolster its security. The company, which acquired Drift in February 2024, has been largely silent on the matter since the attacks began. This incident occurred shortly after Salesloft announced an agreement to merge with Clari, a competitor in the customer-relationship management space. The merger, which aims to serve over 5,000 global organizations, has been overshadowed by the cybersecurity disaster, leaving customers concerned and seeking clarity.

The fallout from the attacks has created widespread anxiety as customers try to determine if they were impacted and, if so, to what extent their data or their customers’ data was compromised. While not every Salesloft Drift customer was affected, many businesses were less fortunate. For instance, Okta confirmed it was a target, although an attempted attack on its Salesforce instance was unsuccessful. Conversely, other companies have confirmed significant exposure.

Palo Alto Networks was among the hundreds of organizations affected by the supply chain attack. The company’s incident response team, Unit 42, confirmed that the breach was contained within its Salesforce environment and did not impact any of its products or services. While most of the data stolen was business contact information, a small number of customers who included sensitive details like credentials in their case notes might have also had that data compromised.

Cloudflare also reported that any information its customers shared with the company’s support system, including logs, tokens, or passwords, should be considered compromised. The company found 104 of its API tokens in the stolen data and, as a precaution, rotated them even though no evidence of misuse was found. Cloudflare emphasized that its services and infrastructure were not compromised but issued an apology to its customers for the breach. This sentiment was echoed by other firms who were previously customers of Salesloft and Drift but still had some data exposed.

Reference:

  • Salesloft Drift Attacks Hit Cloudflare And Palo Alto Networks
Tags: cyber incidentsCyber Incidents 2025Cyber threatsSeptember 2025
ADVERTISEMENT

Related Posts

Salesloft Drift Attacks Hits Vendors

Jaguar Land Rover Hit By Cyber Incident

September 4, 2025
Salesloft Drift Attacks Hits Vendors

Hackers Use Grok Ai To Spread Malware

September 4, 2025
Austria Ministry Reports Email Breach

Austria Ministry Reports Email Breach

September 4, 2025
Austria Ministry Reports Email Breach

Hackers Breach Fintech In Bank Heist Try

September 4, 2025
Austria Ministry Reports Email Breach

Ransomware Hits Pennsylvania AG Office

September 4, 2025
Sitecore Exploit Chain Warning

Lotte Card Cyberattack Reported

September 2, 2025

Latest Alerts

CISA Flags TP Link Router Flaws

Lazarus Hackers Exploit ZeroDay, Deploy Rats

Google Patches 120 Flaws In Android

WhatsApp Scam Lets Hackers Hijack Chats

Malicious Npm Package Mimics Nodemailer

Android Droppers Turn Into Malware Tools

Subscribe to our newsletter

    Latest Incidents

    Salesloft Drift Attacks Hits Vendors

    Jaguar Land Rover Hit By Cyber Incident

    Hackers Use Grok Ai To Spread Malware

    Austria Ministry Reports Email Breach

    Hackers Breach Fintech In Bank Heist Try

    Ransomware Hits Pennsylvania AG Office

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial