1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Zscaler says it suffered data breach following Salesloft Drift co

    From TechnologyDaily@1337:1/100 to All on Tue Sep 2 14:45:09 2025
    Zscaler says it suffered data breach following Salesloft Drift compromise

    Date:
    Tue, 02 Sep 2025 13:36:00 +0000

    Description:
    Names, email addresses, and phone numbers stolen from Zscaler's account.

    FULL STORY ======================================================================Zscaler confirms losing sensitive customer data from its account The attackers moved in after compromising Salesloft's Drift platform Some believe this was done
    by ShinyHunters

    We can now add Zscaler to the growing list of Salesloft customers who
    suffered a third-party cyberattack and lost sensitive customer information after it confirmed data was taken.

    In the announcement, Zscaler explained it was a customer of Salesloft, whose AI chat platform, Salesloft Drift, was compromised.

    Since this platform connects with Salesforce, the miscreants managed to move laterally, stealing OAuth and refresh tokens, and accessing data from customers such as Zscaler. ShinyHunters or UNC6395?

    The company stressed its systems and products were not compromised, just the data:

    The scope of the incident is confined to Salesforce and does not involve access to any of Zscaler's products, services or underlying systems and infrastructure, it said.

    Still, the attackers managed to steal names, business email addresses, job titles, phone numbers, regional and location details, Zscaler product licensing and commercial information, as well as content from certain support cases.

    The company said that so far, there is no evidence of the data being abused
    in the wild, but it still asked its users to remain vigilant and wary of incoming phishing and social engineering attacks. Zscaler also said it
    revoked all Salesloft Drift integrations, rotated API tokens, and kicked off an in-depth investigation.

    So far, attribution of the attack was rather challenging. Googles Threat Intelligence Group (GTIG) believes it to be the work of a threat actor it tracks as UNC6395.

    ShinyHunters, a known ransomware operator and data thief, also assumed responsibility, a claim confirmed to the media by multiple security researchers.

    Via BleepingComputer You might also like Google warns Salesloft Drift attack may have compromised Workspace accounts and Salesforce instances Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/zscaler-says-it-suffered-data-breach-fo llowing-salesloft-drift-compromise


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)