HackerOne has confirmed it was among the companies affected by a recent data breach that provided unauthorized access to its Salesforce instance. The access was gained through a compromise of the third-party application Drift, which Salesloft owns.
The bug bounty platform disclosed the security incident in keeping with its company value of “Default to Disclosure.” According to the company, its security team was first notified of a potential compromise by Salesforce on Friday, August 22, 2025.
This was subsequently confirmed by Salesloft the following day, prompting HackerOne to activate its incident response protocols immediately.
The company is working in partnership with both Salesforce and Salesloft to investigate the full scope and impact of the breach. This incident is part of a broader attack campaign that has impacted hundreds of companies.
HackerOne Confirms Data Breach
As detailed in a report by Google’s Mandiant, threat actors targeted Salesforce customer records by exploiting a vulnerability within the Drift marketing and sales application.
By compromising Drift, attackers were able to pivot and gain unauthorized access to connected Salesforce environments, allowing for the theft of sensitive customer and sales data.
HackerOne’s confirmation places it on a growing list of firms responding to this supply chain attack. While the investigation remains ongoing, HackerOne stated that a subset of records within its Salesforce instance was accessed by the unauthorized parties.
However, the company expressed confidence that no customer vulnerability data was impacted or exposed during the incident.
This is attributed to the firm’s strict internal policies and controls governing data segmentation, which silo sensitive vulnerability information away from the compromised sales and marketing data in the Salesforce environment.
HackerOne is continuing to conduct a forensic analysis on the specific records accessed to determine the exact nature of the exposed information.
The company has committed to communicating directly with any customers who are identified as being impacted by the breach.
This incident highlights the significant risks associated with third-party application integrations and the potential for supply chain attacks to bypass an organization’s direct security defenses.