The Salesloft Drift incident is quickly turning into the next MOVEit MFT fiasco, as yet another company confirms losing sensitive data in the third-party attack.
This time around, it is the American multinational cybersecurity company Palo Alto Networks that confirmed losing customer data and support cases information in the breach. It all began with the sales engagement platform Salesloft. It uses Drift, a conversational marketing and sales platform with live chat, chatbots, and AI, to engage visitors in real time. Working alongside it is SalesDrift, a third-party platform linking Drift’s AI chat functionality to Salesforce, syncing conversations, leads, and cases, into the CRM via the Salesloft ecosystem.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- GM credential stuffing attack exposed car owners’ personal info
May 24, 2022
US car manufacturer GM disclosed that it was the victim of a credential stuffing attack last month that exposed some customers’ information and allowed hackers to redeem rewards points for gift cards. General Motors operates an online platform to help owners of Chevrolet, Buick, GMC, and Cadillac vehicles manage their bills, services, and redeem rewards points. Car ...
- Engineering firm Parker discloses data breach after ransomware attack
May 16, 2022
The Parker-Hannifin Corporation announced a data breach exposing employees’ personal information after the Conti ransomware gang began publishing allegedly stolen data last month. Parker is an Ohio-based corporation specializing in advanced motion and control technologies, with a strong focus in aerospace hydraulic equipment. It has a revenue of $15.6 billion and employs over 58,000 people. Parker-Hannifin says ...
- Apple and Meta Gave User Data to Hackers Who Used Forged Legal Requests
March 30, 2022
Apple Inc. and Meta Platforms Inc., the parent company of Facebook, provided customer data to hackers who masqueraded as law enforcement officials, according to three people with knowledge of the matter. Apple and Meta provided basic subscriber details, such as a customer’s address, phone number and IP address, in mid-2021 in response to the forged “emergency ...
- Authentication oufit Okta investigating Lapsus$ breach report
March 22, 2022
The Lapsus$ extortion crew has turned its attention to identity platform Okta and published screenshots purportedly showing the group gaining access to the company’s internals. The incident follows the group’s claim over the weekend that it had made off with chunks of Microsoft’s code. However, a compromise at Okta could be altogether more serious since the ...
- Bridgestone Americas confirms ransomware attack, LockBit leaks data
March 11, 2022
A cyberattack on Bridgestone Americas, one of the largest manufacturers of tires in the world, has been claimed by the LockBit ransomware gang. The threat actor announced that they will leak all data stolen from the company and launched a countdown timer, which is currently at less than three hours. Bridgestone has tens of production units across ...
- Latin e-commerce giant Mercado Libre hacked
March 10, 2022
Latin American e-commerce company Mercado Libre had its systems hacked in an incident that exposed information related to 300,000 users of the platform. The NASDAQ-listed company disclosed the incident in an 8-K filing to the US Securities and Exchange Commission, noting that part of its source code had been subject to unauthorized access, exposing user data. The ...

