When Third-Party Apps Attack: How Hackers Hijacked Salesforce Data at Major Tech Firms

Hackers exploited the Salesloft Drift app to steal OAuth tokens and access Salesforce data, leaving tech giants scrambling. The cyberattack, a classic “supply chain” breach by the group UNC6395, exposed customer details from multiple firms. It was like finding the backdoor to a VIP party, but with less dancing and more data theft.

Hot Take:

In the latest episode of “As the Cyber World Turns,” hackers have managed to outsmart some of the globe’s most formidable tech titans by pulling a fast one on their third-party app. It’s like a heist movie, but with less George Clooney and more nerdy coding. The hackers used the back door to sneak into Salesforce accounts, proving once again that even the strongest chains have their weak links—in this case, a snazzy sales app with security holes big enough to drive a virtual truck through. Who knew that playing with Salesloft Drift could lead to such a data drift?

Key Points:

  • Hackers exploited the Salesloft Drift app to swipe OAuth tokens, giving them unauthorized access to Salesforce data.
  • Major tech firms like Palo Alto Networks, Zscaler, and PagerDuty were hit, with business contacts exposed.
  • The attack focused on a third-party app vulnerability, not the companies’ main systems.
  • Zscaler and PagerDuty confirmed no core products were affected but advised vigilance against phishing.
  • TransUnion also reported a related breach, affecting 4.4 million US consumers.

The Nimble Nerd