Salesloft Drift Security Incident 

Summary

SolarWinds has been made aware of a recent data breach involving Salesforce, which resulted in the unauthorized access and theft of sensitive customer data. The breach was primarily caused by compromised OAuth tokens associated with the Salesloft Drift integration.

This vulnerability enabled attackers to export large volumes of data from multiple Salesforce customer instances. The attackers’ primary objective appears to have been the collection of sensitive credentials, including access keys and passwords.

While SolarWinds does utilize Salesforce, our internal investigation has confirmed that we do not use the Salesloft Drift integration. As such, SolarWinds is not impacted by this breach.

Nevertheless, given the critical nature of this incident, we are treating it as a high-priority concern. We have reviewed our security protocols and have confirmed the integrity of our systems and data. We are continuously monitoring the situation.