Salesforce Alarm: ShinyHunters Strike Again, Gainsight Apps Pulled Amid Data Breach Scare!
Salesforce detected “unusual activity” in Gainsight apps, leading to unauthorized data access. As a precaution, they’ve revoked access tokens and pulled the apps from AppExchange. Meanwhile, Gainsight’s app was also removed from HubSpot Marketplace. The ShinyHunters group claims responsibility, linking this to previous attacks on Salesloft Drift. Stay vigilant, folks!
Hot Take:
Well, it seems like Salesforce’s cloud might be showering us with more than just features and updates. It’s raining unauthorized data access, courtesy of the Gainsight app. Who knew that connecting apps could be such a gateway to the wild, wild west of cyber threats? Consider this a friendly reminder that even in the cloud, it pays to carry an umbrella—of security practices, of course!
Key Points:
- Salesforce has identified unusual activity linked to Gainsight applications, potentially allowing unauthorized access to customer data.
- All active access and refresh tokens for these applications have been revoked, and the apps temporarily removed from the AppExchange.
- The ShinyHunters group is suspected to be behind this breach, similar to previous attacks on Salesloft Drift instances.
- Salesforce emphasizes that their platform was not directly compromised; the issue originated from the app’s external connection.
- Organizations are advised to scrutinize third-party application connections and manage OAuth tokens vigilantly.