Salesloft Drift Breach: How GitHub Missteps Led to a Data Heist of Epic Proportions!
The Salesloft Drift breach had hackers snooping around between March and June, compromising big names like Google and Cloudflare. They accessed the Salesloft GitHub account, pinched OAuth tokens, and broke into Salesforce instances. The investigation, led by Mandiant, confirmed the incident is now contained. Salesloft Drift breach drama continues!
Hot Take:
Looks like the digital thieves had a “drift” in their evil plans, slipping into Salesloft’s GitHub like they were sneaking into a VIP party. Talk about taking the “sales” out of Salesloft and putting in “fail”! It’s a heist that even Hollywood’s ‘Oceans’ crew would envy. Or maybe, this is what happens when your “drift” turns into a full-blown landslide. Either way, it’s a plot twist that even the most seasoned cybersecurity pro could never have predicted!
Key Points:
- Salesloft’s GitHub account was breached, affecting numerous companies including Google and Cloudflare.
- Mandiant led the investigation, revealing the breach occurred between March and June.
- Attackers accessed Salesloft’s and Drift’s environments, compromising OAuth tokens and Salesforce data.
- Suspected threat groups include UNC6395 and possibly ShinyHunters.
- Salesloft responded by taking applications offline and rotating credentials.