This can't have been a great month for Salesforce and SaaS in general. In a nutshell - a third party app provider suffered a breach which resulted in some OAuth tokens being stolen/taken that then allowed these hackers to access Salesforce and now Google Workspace data. The common thread seems to be that both Salesforce and Google Workspaces instances that were impacted used the same Drift AI Chat and Drift Email services. As the world pivoted to cloud so have hackers..
See:
Consumer credit reporting giant TransUnion warns it suffered a data breach exposing the personal information of over 4.4 million people in the United States, with BleepingComputer learning the data was stolen from it's Salesforce account.
Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks
Storm-0501 hackers shift to ransomware attacks in the cloud
Google warns Salesloft breach impacted some Workspace accounts
------------------------------
Wayne Schulz
wayne@s-consult.comSchulz Consulting
(860) 516-8990
CT
------------------------------