Elastic Data Breach (2025)

"On August 26, 2025, Salesloft Drift publicly disclosed a security incident impacting its platform. Shortly after, Google’s Threat Intelligence Group released an in-depth report detailing the threat actor’s activity. Although Elastic did not receive notification of impact, since Elastic uses Drift for certain business applications, we immediately initiated our incident response protocols to proactively assess any potential impact on Elastic systems and customer data. Impact on Elastic and our customers Our investigation confirmed that Elastic’s Salesforce environment was not impacted. However, we did identify exposure of a single email account through the “Drift Email” integration that may have granted an unauthorized actor read-only access to emails received in that inbox. After scanning the contents of this inbox, we identified a small number of inbound emails that included potentially valid credentials. For each of these cases where we identified a potential credential leak, we notified customers through existing support channels. If you did not receive notice from us, we did not identify you as an affected customer."