Techly NewsGet the app

Get the latest tech news

Salesloft says Drift customer data thefts linked to March GitHub account hack


The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the breach.

Salesloft said a breach of its GitHub account in March allowed hackers to steal authentication tokens that were later used in a mass-hack targeting several of its big tech customers. Citing an investigation by Google’s incident response unit Mandiant, Salesloft said on its data breach page that the as-yet-unnamed hackers accessed Salesloft’s GitHub account and performed reconnaissance activities from March until June, which allowed them to download “content from multiple repositories, add a guest user and establish workflows.” In stealing these tokens, the threat actors breached several Salesloft’s customers, such as Bugcrowd, Cloudflare, Google, Proofpoint, Palo Alto Networks, and Tenable, among others, many of which are likely still unknown.

Get the Android app

Or read this on TechCrunch

Read more on:

Photo of drift

drift

Photo of Salesloft

Salesloft

Related news:

News photo

Salesloft: March GitHub repo breach led to Salesforce data theft attacks

News photo

Attacks on Salesloft AI Chatbot Claim Another Victim: Cloudflare

News photo

Google warns Salesloft breach impacted some Workspace accounts

« Signal introduces free and paid backup plans for your chats
iPhone dumbphone »