Zscaler has confirmed that it is among the latest organizations to be impacted by a major supply chain attack exploiting the Salesloft Drift application, which integrates with Salesforce.
According to the company, attackers managed to steal OAuth tokens tied to the third-party app, giving them access to Zscaler’s Salesforce environment. The security vendor explained that the compromised data mainly consisted of business-related information rather than sensitive personal or financial records. Specifically, the exposed details included names, work email addresses, job titles, phone numbers, location data, licensing and commercial details relating to Zscaler products, as well as plain-text content from certain customer support cases. However, Zscaler emphasized that no attachments, files, or images were accessed in the incident.
Upon detecting the unauthorized activity, the company acted quickly by revoking the Drift app’s access and rotating other API tokens as a precaution. In addition, it claimed to have put in place new safeguards and strengthened protocols to reduce the likelihood of similar breaches in the future.
While Zscaler noted that the incident appeared limited in scope and said there is no evidence so far of any misuse of the exposed data, it urged customers to exercise extra caution. The company warned that malicious actors could exploit the stolen information for phishing campaigns or social engineering attacks, and therefore advise
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: