Techly NewsGet the app

Get the latest tech news

Battered by cyberattacks, Salesforce faces a trust problem - and a potential class action lawsuit


It's been a brutal year for Salesforce customers. ZDNET research reveals the CRM giant could be doing more to secure the parts of its platform exploited in recent attacks.

A March 2025 company blog post notes that threat actors "have been reported luring our customers' employees and third-party support workers to phishing pages designed to steal credentials and [multi-factor authentication] tokens or prompting users to navigate to the login.salesforce[. The scale of success achieved by the threat actors begs the questions of how they've managed to penetrate the Salesforce-stored data of so many organizations -- many of which are experts in cybersecurity themselves -- and what Salesforce is doing (or not doing) to mount a lasting technical defense to better protect its customers. Citing nothing specific like DPoP, MTLS, FAPI or token-binding(another option that my research uncovered), Arkin said "There are probably new and clever ideas waiting to be discovered and invented and so we're working together not just internally but with our partners in the ecosystem to figure out what more we do as an industry to better manage these types of risks."

Get the Android app

Or read this on ZDNet

Read more on:

Photo of Salesforce

Salesforce

Photo of cyberattacks

cyberattacks

Photo of trust problem

trust problem

Related news:

News photo

Battered by cyberattacks, is Salesforce facing a trust problem?

News photo

1.1 million Farmers Insurance customers hit by data breach linked to Salesforce hack

News photo

Salesforce launches ‘Missionforce,’ a national security-focused business unit

« I tested the best $20 security camera you can buy (and it works outdoors)
Amazon will refund $1.5B to 35M customers allegedly duped into paying for Prime »