Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Incident management firm PagerDuty is one of hundreds confirming its customer data was potentially compromised by the Salesloft Drift data breach.
Digital operations and incident management firm PagerDuty has confirmed it is responding to the “potential exposure” of its customer data as part of a widespread third-party supply chain hack targeting the Salesloft Drift marketing chat platform.
“We want to inform our customers that PagerDuty was notified by Salesloft on August 20, 2025, of a security issue in the Drift application,” PagerDuty said in a 29 August blog post.
“On August 23rd, Salesloft informed us of a security incident in which attackers exploited a vulnerability in Salesloft Drift’s OAuth integration flow with Salesforce. Through this hijacked authorisation process, a threat actor may have been able to gain unauthorised access to PagerDuty’s Salesforce account.”
PagerDuty said no PagerDuty credentials were exposed; however, it has disabled Salesloft Drift’s access to its Salesforce data and is continuing to investigate the incident.
“Given the potential exposure of names, phone numbers, and email addresses, PagerDuty recommends extra vigilance with respect to potential phishing and social engineering attacks,” PagerDuty said.
“PagerDuty will never contact anyone by phone to request a password or any other secure details. All official communication from PagerDuty comes through our trusted support channels.”
Security analysts have identified at least 700 organisations caught up in the Salesloft Drift breach, including several cyber security companies. Zscaler revealed yesterday that some of its customer data had been compromised, with Palo Alto Networks and CloudFlare following suit overnight.
With so many companies already disclosing various levels of compromise, we can expect more companies to come forward in the coming days.
Salesloft’s most recent update on the incident, dated 28 August, said the company had engaged Mandiant and Coalition, “leading cyber security experts”, to assist in its investigation.
“Our focus remains on ensuring the integrity and security of our systems and your data,” Salesloft said.
“We will continue to provide updates as we have new information.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
