Qualys confirms limited Salesforce data access during Drift hacking campaign raising security concerns

Hackers accessed some Salesforce information from risk management company Qualys during the ongoing Salesforce Drift hacking campaign, but they did not affect Qualys’ main platforms or customer data hosted on its cloud services.

Qualys Confirms Limited Salesforce Data Breach

In a statement released on September 6, Qualys said it became aware of a “widespread Salesloft / Drift supply chain incident” affecting third-party integrations with Drift.

The company emphasized that its production systems, private platforms, and operational services remain fully functional. “All Qualys platforms continue to be fully operational, and at no time was there any operational impact,” the company stated.

However, the hackers did manage to gain “limited access” to certain Salesforce information connected to Qualys. The company immediately disabled all Drift integrations and launched an investigation to determine the extent of the intrusion.

Investigation Underway with Mandiant Support

Qualys is working with security experts from Mandiant, the same firm helping many other companies affected by the Drift-related attacks. The company confirmed that it is monitoring the situation closely and reviewing security measures to protect customer data.

Qualys said it will keep investigating and watching the situation. The company is also working to improve security and protect its customers. Qualys reassured customers that it will share updates when new information becomes available.

How Cyber Attacks on Industrial Control Systems Can Endanger Lives ?

The Salesforce Drift hacking campaign has affected several other major IT security companies, including Zscaler, PagerDuty, Tanium, and CloudFlare. Hackers reportedly gained access to Salesloft’s GitHub account between March and June of this year.

They were able to perform reconnaissance and eventually obtained OAuth tokens for many of Salesloft’s customers’ technology integrations. These tokens allowed unauthorized access to customer data, raising concerns about widespread exposure.

Salesloft Confirms Containment and Forensic Review

Salesloft, the company at the center of the breach, confirmed that it has contained the campaign. According to their update, Mandiant’s team has moved from actively investigating to conducting a forensic quality assurance review.

The experts are now confirming that they have addressed all traces of the attack and are assessing any potential weaknesses in the system.

Qualys’ inclusion among the victims highlights the reach and impact of the Salesforce Drift compromise. Despite being a security-focused company, Qualys was still affected, showing that even firms specializing in cybersecurity are not immune to sophisticated attacks.

CISA warns China-linked hacking group continues long-running campaign against 80 countries

The breach has made many organizations improve security for third-party integrations. They are also watching for any suspicious activity. Qualys acted quickly by disabling Drift connections and calling in security experts. Customers are being updated as the investigation continues.

The Salesforce Drift hacking campaign continues to make headlines. It is affecting more companies that use Salesloft and Drift integrations. Qualys and other affected companies are staying open and careful. Forensic reviews and investigations are ongoing.

Renuka Bangale
Renuka Bangale
Renuka is a distinguished Chartered Accountant and a Certified Digital Threats Analyst from Riskpro, renowned for her expertise in cybersecurity. With a deep understanding of cybercrimes, malware, cyber warfare, and espionage, she has established herself as an authority in the field. Renuka combines her financial acumen with advanced knowledge of digital threats to provide unparalleled insights into the evolving landscape of information security. Her analytical prowess enables her to dissect complex cyber incidents, offering clarity on risks and mitigation strategies. As a key contributor to Newsinterpretation’s information security category, Renuka delivers authoritative articles that educate and inform readers about emerging threats and best practices.

TOP 10 TRENDING ON NEWSINTERPRETATION

Oracle warns of extortion emails hitting E-Business Suite users amid software gaps

Oracle has confirmed that customers using its E-Business Suite...

Newsom warns California colleges of losing state funds if they sign Trump education compact

California Governor Gavin Newsom has issued a strong warning...

Vance accuses Democrats of shutting down America to protect AOC’s political power

The United States government entered a shutdown on Wednesday,...

AI is making phishing, ransomware, and cybercrime more dangerous for accountants

Artificial intelligence is making cyberattacks faster, smarter, and more...

Kamala Harris: “Republicans just shutdown the government to make your health care cost more”

The United States federal government officially shut down early...

AOC takes center stage: “Trump is bluffing — Democrats must not blink” as shutdown looms

Rep. Alexandria Ocasio-Cortez (D-N.Y.) has called on her Democratic...

Hacker gains access to FEMA and Border Patrol systems in multi-week breach

Massive Hack Hits FEMA and Border Patrol A major cyberattack...

Government shutdown 2025 begins with essential services continuing while nonessential workers furloughed

The United States federal government officially entered a Government...

Midterm manipulation fury: Newsom warns Americans are paying price for GOP power games

Midterm Politics and Impeachment ControversyPublic Reaction and Urgency in...

“Pay more and enjoy nothing”—Newsom torches Trump’s tariff push as costs for food, cars, and flights soar

California Governor Gavin Newsom has strongly criticized President Donald...

Oracle warns of extortion emails hitting E-Business Suite users amid software gaps

Oracle has confirmed that customers using its E-Business Suite...

Newsom warns California colleges of losing state funds if they sign Trump education compact

California Governor Gavin Newsom has issued a strong warning...

Vance accuses Democrats of shutting down America to protect AOC’s political power

The United States government entered a shutdown on Wednesday,...

AI is making phishing, ransomware, and cybercrime more dangerous for accountants

Artificial intelligence is making cyberattacks faster, smarter, and more...

Kamala Harris: “Republicans just shutdown the government to make your health care cost more”

The United States federal government officially shut down early...

AOC takes center stage: “Trump is bluffing — Democrats must not blink” as shutdown looms

Rep. Alexandria Ocasio-Cortez (D-N.Y.) has called on her Democratic...

Hacker gains access to FEMA and Border Patrol systems in multi-week breach

Massive Hack Hits FEMA and Border Patrol A major cyberattack...

Government shutdown 2025 begins with essential services continuing while nonessential workers furloughed

The United States federal government officially entered a Government...

Related Articles

Popular Categories

error: Content is protected !!