Salesloft Drift AI ChatBot Key Breach: Hackers Steal OAuth Tokens to Access Salesforce Data

Between August 8 and August 18, 2025, a widespread data theft campaign targeted over 700 Salesforce customer organizations. Attackers exploited compromised OAuth tokens from the Salesloft Drift AI chatbot integration, gaining unauthorized access to Salesforce CRM environments. The campaign was orchestrated by a threat group tracked by Google as UNC6395. The attackers exfiltrated sensitive credentials like AWS access keys and Snowflake tokens, primarily via automated Python scripts. Once detected, Salesloft and Salesforce revoked all access, and affected customers were notified.

What Happened

Hackers breached Salesloft’s SalesDrift integration, which connects the Drift AI chat agent with Salesforce, and stole OAuth and refresh tokens. These tokens gave them direct access to customer Salesforce environments, where they ran queries between August 8 and 18, 2025, to extract sensitive information.

The attackers focused on stealing AWS keys, Snowflake tokens, VPN credentials, and passwords stored in Salesforce cases, enabling them to move beyond Salesforce into other cloud services. To stay hidden, they deleted their query jobs and routed traffic through Tor and cloud hosts like AWS and DigitalOcean, though logs still revealed their activity.

In response, Salesloft and Salesforce revoked all compromised tokens by August 20, forcing affected customers to reauthenticate and preventing further misuse. Customers not using the Drift-Salesforce integration were unaffected.

How It Happened

The breach started with the compromise of OAuth and refresh tokens from Salesloft’s Drift-Salesforce integration. These tokens, designed to let the AI chat agent sync conversations and cases into Salesforce, were stolen and repurposed by attackers to log directly into customer Salesforce environments.

Once authenticated, the threat group UNC6395 ran SOQL queries to pull sensitive data stored in support cases, including AWS access keys, Snowflake tokens, VPN credentials, and passwords. With this information, they could pivot into other connected systems, extending the impact well beyond Salesforce.

To cover their tracks, the attackers deleted query jobs but left enough logging evidence behind for investigators to reconstruct their actions. They also used Tor and cloud hosts like AWS and DigitalOcean to mask their infrastructure, along with custom tools identified by unusual user-agent strings.

In short, misplaced trust in a third-party integration gave attackers a foothold, and from there they leveraged the stolen tokens to expand quickly across multiple Salesforce tenants.

Breach Impact

1- Credential Exposure

  • Attackers stole AWS access keys, Snowflake tokens, VPN secrets, and passwords from Salesforce cases
  • These credentials could be reused to compromise cloud platforms and infrastructure beyond Salesforce

2- Cascading Risk

  • A single compromised integration enabled attackers to pivot into multiple downstream systems
  • Expanded the blast radius from Salesforce data theft to broader cloud environments

3- Business Disruption & Extortion

  • Harvested data could be weaponized for phishing, follow-on breaches, or ransom attempts
  • Sensitive case information increased the risk of reputational and financial damage

4- Trust Erosion

  • Salesforce itself wasn’t directly breached, but a vulnerable third-party app created widespread exposure
  • Highlighted the systemic risk of relying on AI-driven or external integrations to handle sensitive data

Recommendations

1- Reauthenticate Drift integration

  • Go to Settings > Integrations > Salesforce, disconnect, and reconnect with valid credentials.

2- Rotate Credentials Immediately

  • Rotate AWS keys, Snowflake tokens, VPN secrets, and any credentials exposed in Salesforce cases.

3- Search for Indicators of Compromise (IoCs)

  • Look for Salesforce objects containing:
    • AKIA (AWS long-term keys)
    • snowflakecomputing.com (Snowflake tokens)
    • password, secret, key
    • Org-specific VPN/SSO URLs

4- Audit Logs

  • Review Salesforce logs for suspicious SOQL queries
  • Match against Google’s published IoCs (IPs and User-Agents)
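As an added example that is not part of the original report, the following Python script puts recommendations 3 and 4 into practice against constructed sample data: it scans case text for the patterns listed above and flags SOQL query events whose source IP is on an IoC list or whose user agent is not on an assumed allow-list of known clients. The IoC IP, user-agent strings, case ids, key and host values are placeholders, and the event records use a simplified schema rather than the real Salesforce event log format.

```python
import re

# Patterns follow recommendation 3; the AWS regex is the standard 20-character
# access key ID shape that begins with AKIA.
SECRET_PATTERNS = {
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "snowflake_host": re.compile(r"\b[\w.-]+\.snowflakecomputing\.com\b", re.I),
    "credential_keyword": re.compile(r"\b(?:password|secret|key)\b\s*[:=]", re.I),
}

def scan_cases(cases):
    """Return {case_id: sorted matched pattern names} for cases whose text matches."""
    findings = {}
    for case in cases:
        text = " ".join(str(case.get(field, "")) for field in ("Subject", "Description"))
        hits = sorted(name for name, rx in SECRET_PATTERNS.items() if rx.search(text))
        if hits:
            findings[case["Id"]] = hits
    return findings

def flag_events(events, ioc_ips, known_agents):
    """Return ids of query events from an IoC IP or from a user agent not on the allow-list."""
    flagged = []
    for ev in events:
        if ev["operation"] != "query":
            continue  # only SOQL query activity is reviewed here
        if ev["client_ip"] in ioc_ips or ev["user_agent"] not in known_agents:
            flagged.append(ev["id"])
    return flagged

# Constructed sample data; ids, keys, hosts and IPs are placeholders, not real IoCs.
SAMPLE_CASES = [
    {"Id": "500A", "Subject": "VPN outage", "Description": "Resolved by restarting tunnel."},
    {"Id": "500B", "Subject": "S3 upload fails",
     "Description": "key: AKIAEXAMPLEKEY000001 secret=placeholder"},
    {"Id": "500C", "Subject": "Warehouse login",
     "Description": "Connect to acme-xy123.snowflakecomputing.com with password: pl4ceh0lder"},
]
SAMPLE_EVENTS = [  # simplified records, not the real Salesforce event log schema
    {"id": 1, "operation": "query", "client_ip": "203.0.113.10", "user_agent": "Drift-Salesforce-Sync/1.0"},
    {"id": 2, "operation": "query", "client_ip": "198.51.100.7", "user_agent": "Drift-Salesforce-Sync/1.0"},
    {"id": 3, "operation": "query", "client_ip": "203.0.113.11", "user_agent": "custom-fetcher/0.1"},
    {"id": 4, "operation": "login", "client_ip": "198.51.100.7", "user_agent": "browser"},
]
IOC_IPS = {"198.51.100.7"}                    # placeholder for the published IoC IP list
KNOWN_AGENTS = {"Drift-Salesforce-Sync/1.0"}  # assumed allow-list of expected clients

if __name__ == "__main__":
    print(scan_cases(SAMPLE_CASES))                         # cases 500B and 500C are reported
    print(flag_events(SAMPLE_EVENTS, IOC_IPS, KNOWN_AGENTS))  # [2, 3]
```

Every case reported by scan_cases is a candidate for credential rotation under recommendation 2, since the attackers queried exactly this kind of case content.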

5- Enforce least-privilege OAuth scopes for integrations

6- Deploy conditional access policies for third-party apps

7- Conduct regular reviews of connected apps in Salesforce

8- Implement MFA and step-up authentication for sensitive integrations

Conclusion

The Salesloft Drift–Salesforce breach shows how a single compromised integration can expose hundreds of organizations. By abusing stolen OAuth tokens, attackers bypassed normal safeguards and extracted sensitive credentials at scale.

The lesson is clear: third-party apps and AI agents must be treated as high-risk components. Stronger controls around access, continuous monitoring and least-privilege permissions are essential to limit the damage when an integration is inevitably compromised.