Avalara Data Breach (2025)

"On August 27, 2025, we identified a security issue involving Salesloft Drift, the application we use to provide chat functionality on our website that integrates with Salesforce CRM. We disconnected the application and began an investigation, engaging with both Salesloft and Salesforce. Salesloft confirmed that a threat actor had compromised its systems, stole credentials, and used those credentials to run searches in customers’ Salesforce environments. Our investigation confirmed that we had been impacted. At this time, there is no evidence that Salesloft’s security incident affected Avalara’s software or services, or customer data contained within them."