Tenable, a well-known cybersecurity company, has confirmed that it was affected by a recent large-scale data theft campaign. The attack targeted Salesforce and Salesloft Drift integrations, and Tenable was one of the organizations caught up in the incident.
The company stressed that while customer contact details were accessed, Tenable products and the data inside those products were not impacted.
According to Tenable, the breach involved unauthorized access to its Salesforce system. The exposed information included subject lines and short descriptions submitted by customers when opening support cases.
Additionally, standard business contact information, such as customer names, email addresses, phone numbers, and location details, was also accessed. At this point, the company stated there is no evidence that this information has been misused.
Immediate Actions Taken
In response to the discovery, Tenable quickly took a series of steps to protect its systems and customers’ data. These measures included:
- Revoking and rotating all potentially compromised Salesforce, Drift, and related credentials.
- Strengthening its Salesforce and connected environments to prevent further exploitation.
- Completely disabling and removing the Salesloft Drift application from its Salesforce instance.
- Applying known indicators of compromise shared by Salesforce and top cybersecurity experts.
- Maintaining continuous monitoring of its Salesforce and other SaaS applications using Tenable’s own security technology.
The company said these measures were critical to stop further threats and to harden its internal systems moving forward.
Tenable emphasized its commitment to keeping customers informed at every step. Impacted customers were notified promptly after the incident was confirmed.
The company also recommended customers review proactive security guidance issued by Salesforce and cybersecurity experts to stay protected against similar threats.
Tenable highlighted that while the information exposed was business-related contact details, the safety and privacy of its customers remain a top priority.
The company said that it is continuing its investigation alongside industry experts to fully understand the impact and ensure all possible safeguards are in place.
For customers who may still have concerns, Tenable has assured round-the-clock availability of its support team.
Customers can reach out to Tenable directly at [email protected] for additional assistance and guidance.
In its statement, the cybersecurity firm emphasized that transparency and trust are fundamental to its mission.
“We remain committed to a thorough and open response to every security issue,” the company said. “Our teams are working tirelessly to safeguard our systems and protect our customers’ data.”
While investigations continue, Tenable reaffirms that no product-related or sensitive data held inside its security tools were impacted, and it will continue to share updates as needed.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates.
Source link
