Palo Alto Networks becomes the latest to confirm it was hit by Salesloft Drift attack


The Salesloft Drift incident is quickly turning into the next MOVEit MFT fiasco, as yet another company confirms losing sensitive data in the third-party attack.

This time around, it is the American multinational cybersecurity company Palo Alto Networks that confirmed losing customer data and support cases information in the breach. It all began with the sales engagement platform Salesloft. It uses Drift, a conversational marketing and sales platform with live chat, chatbots, and AI, to engage visitors in real time. Working alongside it is SalesDrift, a third-party platform linking Drift’s AI chat functionality to Salesforce, syncing conversations, leads, and cases, into the CRM via the Salesloft ecosystem.

Read more…
Source: TechRadar News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Data from 500M LinkedIn Users Posted for Sale Online

    April 9, 2021

    Personal data from more than 500 million LinkedIn users has been posted for sale online in yet another incident of threat actors scraping data from public profiles and slinging it online for potential cybercriminal misuse. Hackers posted an archive containing data they said includes LinkedIn IDs, full names, professional titles, email addresses, phone numbers and other ...

  • Facebook data on 533 million users posted online

    April 4, 2021

    Data of 533 million Facebook users including phone numbers, Facebook IDs, full names, birth dates and other information have been posted online. The data dump was Tweeted by Alon Gal, CTO of security firm Hudson Rock. Gal posted a list of affected users by country. According to his list, the US had 32.3 million affected users ...

  • Ransomware gang leaks data stolen from Colorado, Miami universities

    March 23, 2021

    Grades and social security numbers for students at the University of Colorado and University of Miami patient data have been posted online by the Clop ransomware group. Starting in December, threat actors affiliated with the Clop ransomware operation began targeting Accellion FTA servers and stealing the data stored on them. Companies use these servers to share ...

  • Cybercriminals Are Making, and Demanding, More Money Than Ever

    March 17, 2021

    Ransomware is one of the top threats in cybersecurity and a focus area for Palo Alto Networks. The global threat intelligence team (Unit 42) and incident response team (The Crypsis Group) have partnered to create the 2021 Unit 42 Ransomware Threat Report to provide the latest insights on the top ransomware variants, ransomware payment trends ...

  • Accellion zero-day claims a new victim in cybersecurity company Qualys

    March 4, 2021

    Qualys has revealed that a “limited” number of customers may have been impacted by a data breach connected to an Accellion zero-day vulnerability. The cloud security and compliance firm said on Wednesday that the security incident did not have any “operational impact,” but “unauthorized access” had been obtained to an Accellion FTA server used by the ...

  • Maza Russian cybercriminal forum suffers data breach

    March 4, 2021

    The Maza cybercriminal forum has reportedly suffered a data breach leading to the leak of user information. On March 3, Flashpoint researchers detected the breach on Maza — once known as Mazafaka — which has been online since at least 2003. Maza is a closed and heavily-restricted forum for Russian-speaking threat actors. The community has been connected ...