Pantheon Data Breach (2025)

"Our investigation has confirmed that a threat actor exploited a vulnerability in the Salesloft Drift application’s OAuth integration with Salesforce to gain unauthorized access to CRM data. Pantheon was notified on August 28, 2025 of this compromise that occurred between August 12–15, 2025. The breach resulted in the exfiltration of business information about customer renewals and internal sales account data from our CRM system. While this exposure was limited to Salesforce data connected through Drift, some contact details related to accounts were compromised. Our platform and your hosted websites were not infiltrated and have not been affected."