PagerDuty Confirms Data Breach After Salesforce Account Compromise

PagerDuty has confirmed that it experienced a data breach following a compromise of its Salesforce account.

The company was first alerted to the issue by Salesloft on August 20, 2025, when Salesloft notified PagerDuty of a security problem in the Drift application.

A few days later, on August 23, Salesloft revealed that attackers had exploited a vulnerability in Drift’s OAuth integration flow with Salesforce.

Through this hijacked authorization process, a threat actor may have gained unauthorized access to PagerDuty’s Salesforce account. Importantly, no PagerDuty credentials—such as usernames or passwords—were exposed during this incident.

On August 27, Salesloft recommended additional steps for customers who manage their own Drift connections to third-party applications.

PagerDuty has since disabled Salesloft Drift’s access to its Salesforce data while the company continues to investigate the incident.

At this time, PagerDuty has found no evidence that the attacker accessed the PagerDuty platform, internal systems, or any resources beyond Salesforce.

However, because names, phone numbers, and email addresses stored in Salesforce may have been exposed, PagerDuty encourages all customers and contacts to remain vigilant.

In light of the potential exposure, PagerDuty warns of increased risk of phishing and social engineering attacks.

The company stresses that it will never call customers to request a password or other secure details. All official communications from PagerDuty come only through recognized support channels.

The background and technical details of the security issue have been shared by Salesloft, Salesforce, and the Google Threat Intelligence Group.

PagerDuty is closely following guidance from these sources and will take any further steps needed to protect customer data.

The company pledges to keep customers informed of any new developments and to provide clear guidance as the investigation progresses.

PagerDuty remains committed to the security and privacy of its customers. The company is reviewing its security controls and working with Salesloft to strengthen the OAuth integration process.

PagerDuty will continue to share updates and recommendations as they become available.

For more information on the Salesloft Drift security update, please visit the Salesloft Trust site, the Salesforce status page, or the Google Cloud blog post from the Threat Intelligence Group.

PagerDuty thanks its customers for their understanding and cooperation as the company works to resolve this issue and safeguard customer data.

About Cybernoz

Security researcher and threat analyst with expertise in malware analysis and incident response.