Google Sounds the Alarm: Salesloft Drift Breach Bigger Than Believed, Affects Google Workspace Accounts
The Salesloft Drift breach is bigger than your uncle’s waistline after Thanksgiving dinner. Google reports attackers didn’t just stop at Salesforce; they also used stolen OAuth tokens to sneak into Google Workspace email accounts. So, if you’re using Drift, treat those tokens like they’re radioactive—revoke, rotate, and review!
Hot Take:
Who knew that what started as a sales pitch could turn into a data breach? Google’s latest reveal about the Salesloft Drift breach is the plot twist nobody asked for, with more OAuth tokens flying around than a Black Friday at an API store. It’s time to revoke those tokens faster than a bad credit card at a Vegas casino!
Key Points:
- Google reports the Salesloft Drift breach is more extensive than initially thought.
- Attackers used stolen OAuth tokens to access Salesforce and Google Workspace accounts.
- The breach impacts integrations beyond Salesforce, including Google Workspace emails.
- Google advises treating all Drift-connected tokens as compromised and recommends revoking them.
- Salesloft has disabled several integrations while forensic investigations are underway.
Already a member? Log in here