Tanium Data Breach (2025)

"We want to let you know about a recent social engineering campaign targeting Salesforce customers, including attackers stealing OAuth tokens from the third-party Salesloft Drift application. Salesloft Drift is used for automating sales processes, and it integrates with Salesforce databases, pulling relevant information such as leads and contact details into the platform to help coordinate pitches. The unauthorized access of Salesloft Drift is in line with similar Salesforce-related incidents which have impacted many organizations in recent weeks. We were recently notified that the attackers had obtained Tanium credentials from Salesloft Drift and may have been able to access Tanium’s Salesforce data. Based on our investigation, the threat actors had limited access to our Salesforce data and the impact of their unauthorized access to Salesloft Drift was limited to Salesforce and no other Tanium systems."