Archetyp Links

Cloudflare Inc. is warning users of its technology to beef up their security after a hacker accessed the internet infrastructure company’s customer support data. “Any information that a customer may have shared with Cloudflare in our support system — including logs, tokens or passwords — should be considered compromised, and we strongly urge you to rotate any credentials that you may have shared with us through this channel,” Cloudflare wrote in a blog post on Tuesday. Cloudflare learned last week that it was impacted by the mass theft of Salesforce data through a breach of Salesloft Inc.’s Drift, a customer service chatbot. Drift integrates with Salesforce to automate customer service interactions. As a result, “someone outside Cloudflare” got access to its Salesforce systems for customer support and internal case management, the company said. ADVERTISEMENT Most of the information comprises customer contact information and basic IT support data. But some of it included access tokens used for user authorization or information about a customer’s IT configuration, according to the post. No Cloudflare services were compromised, and all affected customers have been informed directly by Cloudflare, it added. A Salesloft spokesperson didn’t immediately respond to a request for comment, nor did a representative for Cloudflare. Allen Tsai, a Salesforce spokesperson, said in an email, “Salesforce has disabled all integrations between Salesforce and Salesloft technologies, including the Drift app. Organizations will not be able to connect to Salesforce via any Salesloft apps until further notice.” Tsai noted that the issue didn’t stem from a vulnerability within the core Salesforce platform. According to Alphabet Inc.’s Google, hundreds of organizations are believed to be impacted by the breach of Drift, a popular AI chatbot developed by Salesloft, which integrates with customers’ Salesforce data to automate client support interactions. Over the weekend, cybersecurity companies Palo Alto Networks Inc. and Zscaler Inc. said that they were victims of the Drift hacking campaign. Both advised in blog posts that only basic customer information was accessed. Salesloft advised customers on Aug. 19 to refresh access tokens used to secure the connection between Drift and Salesforce apps to stop outsiders from getting in. Security professionals were left scrambling to refresh tokens that protected customer data flowing between their organization and Drift over the holiday weekend, after Google warned that it may not just be Salesforce data that’s been accessed but any apps that integrate with the chatbot. “We now advise all Salesloft Drift customers to treat any and all authentication tokens stored in or connected to the Drift platform as potentially compromised,” Google warned last week.