From March to June 2025, a cyber attacker was able to snoop around in Salesloft's GitHub account. This resulted in the theft of tokens that link Drift, Salesloft's sales platform, to Salesforce environments. As a result, large companies fell victim to one data breach after another this summer. As an intruder in Salesloft's GitHub account, the attacker was able to download the contents of various repositories, add a guest user, and set up workflows.
The Salesloft Drift breach that compromised "hundreds" of companies including Google, Palo Alto Networks, and Cloudflare, all started with miscreants gaining access to the Salesloft GitHub account in March. This new information comes from a Saturday update into the Mandiant-led investigation - Salesloft hired the incident response firm to determine the root cause and scope of the incident - and a Sunday alert that the integration between Salesloft and Salesforce has now been restored.
Salesloft and Clari's merger signifies the advent of autonomous revenue systems, enabling collaboration between humans and agents to enhance productivity and growth. This combined entity will manage over 10 billion revenue actions and 1 trillion data signals, establishing a substantial foundation for training LLM models and AI agents.