ADVERTISEMENT

Massive attack hits Salesforce users: hackers exfiltrating data with stolen third-party app credentials

Hackers raided numerous corporate Salesforce instances by abusing compromised access tokens from Salesloft Drift integrations, a premium AI-powered conversational marketing platform. Cyber pros warn that OAuth tokens are becoming one of the biggest risks: unlike user sessions, they don’t expire.

Salesforce data leak

Image by Cybernews.

Ernestas Naprys
Ernestas Naprys Senior Journalist
Aug 27, 2025 Updated: 27 August 2025 3 min read
Has my data been leaked?
Gintaras Radauskas jurgita vilius Niamh Ancell BW
Stay informed and get our latest stories on Google News
Add us as your Preferred Source on Google.
ADVERTISEMENT
drift
Image by Cybernews.

OAuth tokens turning against users

salesforce-attack-flow
Image by AppOmni.
ADVERTISEMENT