Salesforce Snafu: Hackers Drift Through Cloudflare, Palo Alto, and Zscaler in Data Heist Debacle
Salesforce-Salesloft Drift took a data dive, with Cloudflare, Palo Alto Networks, and Zscaler confirming their Salesforce instances were hacked. Hackers used compromised OAuth tokens to export data, affecting hundreds. Credentials, AWS keys, and more were targeted. Salesforce halted integrations, while Drift went offline for repairs. It’s a credential-harvesting comedy, minus the laughs.
Hot Take:
Looks like hackers have been keeping themselves busy with some Salesforce shopping sprees! And here we thought they were just binge-watching the latest cyber-thriller series. With Cloudflare, Palo Alto Networks, and Zscaler joining the “We Got Hacked” club, it seems like everyone’s Salesforce instances were the hottest ticket in town. Who knew OAuth tokens could be the VIP pass to all the sensitive data you ever dreamed of?
Key Points:
- Hackers used compromised OAuth tokens to access Salesforce data through Salesloft Drift.
- Cloudflare, Palo Alto Networks, and Zscaler confirmed their Salesforce instances were hacked.
- The campaign aimed at extracting sensitive information like AWS keys and passwords.
- Salesforce disabled all integrations with Salesloft, taking Drift offline for a security review.
- Google revealed that Google Workspace customers were also affected by the attack.