By NHI Mgmt Group Editorial Team | Published 2025-09-05 | Domain: Governance & Risk | Source: Apono

TL;DR: A compromised OAuth path in the Drift integration let attackers access Salesforce data and pull additional secrets from more than 700 organisations, showing how hidden non-human identities can turn a vendor compromise into a broad credential-exposure event, according to Apono. Standing access, not just token theft, is the real governance failure here.


At a glance

What this is: This is an analysis of the Drift OAuth breach and the wider NHI governance gaps it exposed across SaaS integrations, token sprawl, and overprivileged machine access.

Why it matters: It matters because IAM, PAM, and NHI teams must treat delegated tokens, integrations, and AI-connected principals as governed identities, not incidental plumbing.

By the numbers: more than 700 organisations affected; secondary secrets harvested from exfiltrated data included AWS keys and Snowflake tokens; downstream reach extended from Salesforce into Google Workspace, Slack, AWS, and Microsoft Azure.

👉 Read Apono's analysis of the Drift OAuth breach and NHI exposure


Context

The Drift OAuth breach is a non-human identity problem first and a SaaS incident second. Compromised tokens used in a third-party integration gave attackers a path into Salesforce data and then into adjacent systems, which is exactly the kind of access chain that traditional IAM and PAM programmes struggle to see.

The governance gap is not just exposure of one secret. It is the combination of hidden principals, standing privileges, and connected tools that can be reused after initial compromise. Once those identities exist in the environment, the blast radius is defined by how much access they were allowed to keep.


Key questions

Q: What breaks when OAuth tokens are treated as permanent access?

A: Permanent OAuth access turns a delegated token into standing privilege, which means a compromise can be reused until someone revokes it. That increases the chance of cross-platform data exposure, secret harvesting, and lateral movement. Organisations need identity ownership, scope review, and revocation discipline for tokens, not just for human accounts.

Q: Why do non-human identities increase blast radius after a vendor breach?

A: Non-human identities often carry broad scopes, hidden dependencies, and weak lifecycle oversight. When one integration token is compromised, attackers can search for additional secrets and move into connected systems that were never intended to be part of the original workflow. The blast radius comes from trust relationships, not just the initial compromise.

Q: What do security teams get wrong about OAuth scope review?

A: Many teams review scope at onboarding but do not revisit it as integrations change, vendors expand, or workflows drift. That leaves principals with more access than they need and more access than anyone expects. Scope review has to be continuous, tied to actual use, and paired with revocation for unused permissions.

Q: How should organisations respond when a machine identity is suspected compromised?

A: Containment should start by revoking the token, disconnecting linked apps, and searching for any secrets that may have been exposed in downstream systems. Then teams should validate which integrations inherited the same trust and whether additional principals share the same exposure path. The goal is to stop reuse before it becomes a wider intrusion.


Technical breakdown

How compromised OAuth tokens become reusable identity keys

OAuth tokens are delegated credentials that let one system act on behalf of another without ever holding that system's password. That convenience becomes dangerous when tokens are stored, copied, or logged outside the issuing control plane, because the bearer token itself is the authorization artefact: whoever holds it can use it until it expires or is revoked. In SaaS ecosystems, the token often inherits broad scopes and cross-application trust, so compromise of one integration can expose data in multiple platforms. The problem is not that OAuth is broken. The problem is that OAuth tokens are frequently treated as low-friction plumbing rather than governed identities with lifecycle, scope, and revocation requirements.

Practical implication: inventory every OAuth-granted principal and tie it to an owner, scope, and revocation path.

Why standing privilege turns token theft into blast-radius expansion

A token with standing access can be reused until it is revoked, which gives attackers time to enumerate data, search for more secrets, and pivot into other services. If the token has more scope than the workflow actually needs, the compromised identity becomes an accelerator for lateral movement rather than a single failed session. This is the same structural weakness that appears in overprivileged service accounts and long-lived API keys. Zero standing privilege reduces that exposure by ensuring credentials exist only when a task actually requires them, not by default.

Practical implication: remove always-on access from machine identities and replace it with just-in-time access where possible.

Why integration sprawl defeats legacy IAM and PAM controls

Legacy IAM and PAM tools were built around users and static administrators, not thousands of ephemeral principals spread across SaaS apps, cloud platforms, and AI-connected workflows. They often lack reliable discovery for non-human identities, which means tokens, service accounts, and embedded secrets can remain invisible until after compromise. In the Drift case, the problem expanded beyond one vendor because the same credential pattern was present in multiple connected systems. That is why governance has to be cross-platform and identity-centric, not product-centric.

Practical implication: extend discovery, review, and revocation controls across SaaS, cloud, and AI-connected integrations.
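The scope-review answer above ("continuous, tied to actual use, and paired with revocation for unused permissions") and the three practical implications in this breakdown describe one review loop: inventory each delegated principal, compare granted scope against observed use, and produce a revocation decision. The following is an added example written for this page, not code from Apono or from any vendor's product. The grant records, audit events, principal names, and scope names are constructed, and the field names (owner, granted_scopes, expires, last_used) are assumptions about what an inventory would hold.

```python
"""Added example: OAuth grant inventory and scope-drift review.

All records below are constructed for illustration; they are not data from
the Drift incident. Field names are assumed, not taken from any real API.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class Grant:
    principal: str                 # connected app / token identifier
    owner: Optional[str]           # accountable human or team; None = ownerless
    granted_scopes: Set[str]
    issued: datetime
    expires: Optional[datetime]    # None = never expires, i.e. standing access
    last_used: Optional[datetime]  # None = never seen in audit data


@dataclass
class AuditEvent:
    principal: str
    scope: str                     # scope actually exercised by the call
    at: datetime


def scopes_used(events: List[AuditEvent], since: datetime) -> Dict[str, Set[str]]:
    """Scopes each principal actually exercised inside the lookback window."""
    used: Dict[str, Set[str]] = {}
    for e in events:
        if e.at >= since:
            used.setdefault(e.principal, set()).add(e.scope)
    return used


def review(grants: List[Grant], events: List[AuditEvent], now: datetime,
           lookback_days: int = 90, dormant_days: int = 30) -> Dict[str, list]:
    """Per-principal findings: unused scopes, missing owner, no expiry, dormancy."""
    used = scopes_used(events, now - timedelta(days=lookback_days))
    findings: Dict[str, list] = {}
    for g in grants:
        f: List[Tuple[str, object]] = []
        unused = g.granted_scopes - used.get(g.principal, set())
        if unused:                       # granted but never exercised: scope drift
            f.append(("revoke_scopes", sorted(unused)))
        if g.owner is None:              # nobody can recertify or offboard it
            f.append(("no_owner", None))
        if g.expires is None:            # standing access, reusable until revoked
            f.append(("standing_access", None))
        if g.last_used is None or g.last_used < now - timedelta(days=dormant_days):
            f.append(("dormant", None))
        findings[g.principal] = f
    return findings


def revocation_plan(findings: Dict[str, list]) -> Tuple[List[str], Dict[str, List[str]]]:
    """Dormant or ownerless grants are revoked outright; the rest get scope trimmed."""
    revoke: List[str] = []
    trim: Dict[str, List[str]] = {}
    for principal, f in findings.items():
        kinds = {k for k, _ in f}
        if "dormant" in kinds or "no_owner" in kinds:
            revoke.append(principal)
        else:
            for k, v in f:
                if k == "revoke_scopes":
                    trim[principal] = v
    return sorted(revoke), trim


# Constructed sample inventory and audit trail (assumed shapes, not real data).
NOW = datetime(2025, 9, 5, tzinfo=timezone.utc)
D = timedelta(days=1)
GRANTS = [
    Grant("chat-crm-connector", "sales-ops",
          {"read:contacts", "write:cases", "offline_access"},
          NOW - 200 * D, None, NOW - 1 * D),
    Grant("legacy-report-sync", None,
          {"read:contacts", "read:cases"},
          NOW - 400 * D, None, NOW - 120 * D),
    Grant("billing-export", "finance-eng",
          {"read:invoices"},
          NOW - 10 * D, NOW + 80 * D, NOW - 2 * D),
]
EVENTS = [
    AuditEvent("chat-crm-connector", "read:contacts", NOW - 1 * D),
    AuditEvent("chat-crm-connector", "read:contacts", NOW - 5 * D),
    AuditEvent("billing-export", "read:invoices", NOW - 2 * D),
    AuditEvent("legacy-report-sync", "read:contacts", NOW - 120 * D),  # outside lookback
]

if __name__ == "__main__":
    findings = review(GRANTS, EVENTS, NOW)
    for p, f in findings.items():
        print(p, f)
    print("revoke:", revocation_plan(findings)[0])
    print("trim:", revocation_plan(findings)[1])
```

Two design points matter here. Scope drift is measured against exercised scopes, not against what the vendor asked for at onboarding, so a connector that was granted write:cases and offline_access but only ever reads contacts loses the unused scopes. And the plan separates outright revocation (dormant or ownerless principals, where nobody can vouch for the access) from scope trimming of live, owned integrations, which is the "revoke stale access before you rotate around it" ordering this page recommends.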


Threat narrative

Attacker objective: The objective was to harvest reusable credentials and expand access across connected enterprise systems for further intrusion and theft.

  1. Entry occurred through compromised OAuth tokens associated with the Salesloft Drift integration, giving attackers a trusted path into connected environments.
  2. Escalation followed as the attackers searched exfiltrated data for additional secrets, including AWS keys and Snowflake tokens, to widen access across services.
  3. Impact expanded beyond Salesforce into related platforms such as Google Workspace, Slack, AWS, and Microsoft Azure, increasing the blast radius across more than 700 organisations.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.


NHI Mgmt Group analysis

Standing OAuth access is the failure mode this breach exposed. The token was not merely stolen; it remained powerful enough to be reused across multiple systems after compromise. That is the core NHI governance problem: access persisted longer than the business process that created it. Practitioners should treat any long-lived delegated credential as a standing privilege with a breach path built in.

Hidden principals create a blind spot that most IAM programmes still do not govern well. The article’s description of dormant tokens, overprivileged permissions, and poor inventory maps directly to the discovery problem in NHI governance. When a principal is not visible, it cannot be recertified, scoped, or offboarded with confidence. The implication is that governance must start with inventory completeness, not policy aspiration.

Zero Standing Privilege is more than a control choice; it is a blast-radius constraint for machine identities. The breach shows that overprivileged NHIs can be searched after the first compromise for more keys, more tokens, and more system access. That is why the decisive question is not whether a token exists, but how much harm it can do before revocation. The practitioner takeaway is to design around minimum time-in-access and minimum scope.

AI-connected workflows are multiplying the number of identities that inherit trust by default. As organisations connect chat tools, automation platforms, and cloud services, every integration becomes a potential credential relay. The breach is a warning that agentic and non-agentic systems are converging on the same identity risk pattern: delegated access with weak lifecycle discipline. Security teams should assume that future incidents will increasingly follow this chain, not a single isolated compromise.

Identity governance must now span human, NHI, and agentic access in one operating model. The article is right to frame human and non-human identities together, because attackers do the same. The real field-level shift is that access review, lifecycle, and privilege management can no longer be separated by identity type when the same compromised token can reach cloud, SaaS, and AI-connected systems. Practitioners should converge controls around the identity, not the platform.

From our research:

  • 64% of valid secrets leaked in 2022 are still valid and exploitable today, proving that detection alone is not enough without automated revocation, according to The State of Secrets Sprawl 2026.
  • AI-related credential leaks surged 81.5% year-over-year in 2025, with the surrounding AI infrastructure leaking 5x faster than core LLM providers, according to The State of Secrets Sprawl 2026.
  • For a broader breach pattern view, 52 NHI Breaches Analysis shows how compromised machine access repeatedly becomes a multi-system incident rather than a single-event compromise.

What this signals

Standing token governance is becoming the practical dividing line between manageable integration risk and cross-platform compromise. Teams that still treat OAuth principals as setup artefacts will miss the point of the Drift pattern. The next control gap is not discovery alone, but whether every delegated credential has an owner, an expiry condition, and a revocation path that can be executed quickly across SaaS and cloud systems.

Ephemeral access is increasingly a baseline expectation for machine identities. As integration sprawl grows, long-lived credentials will continue to create hidden blast radius. Teams should use this moment to align NHI governance with the same operational discipline they already expect for privileged human access, but with tighter lifecycle automation.

Identity blast radius: the size of the damage an identity can cause before it is contained. In a connected SaaS and AI environment, that blast radius is determined less by the original compromise and more by how many downstream systems still trust the same principal.


For practitioners

  • Inventory every delegated token and integration principal. Map each OAuth token, service account, and API key to an owner, purpose, scope, and revocation method. Unknown principals should be treated as unmanaged access until proven otherwise.
  • Revoke stale access before you rotate around it. Disable dormant tokens, remove unused integrations, and revoke credentials that are no longer needed in active workflows. Rotation without cleanup leaves the same blast radius in place.
  • Enforce least privilege on every SaaS scope. Review OAuth scopes, app permissions, and downstream connector rights so a single principal cannot reach unrelated systems such as email, file storage, and cloud control planes.
  • Apply just-in-time controls to machine identities. Use ephemeral access where operationally possible so privileged actions are time-bound and task-specific rather than permanently enabled.
  • Build cross-platform revocation playbooks. Prepare a single containment workflow that can disable tokens, disconnect apps, and validate downstream exposure across SaaS, cloud, and collaboration tools.
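The threat narrative (token into Salesforce, secrets harvested from exfiltrated data, pivot into AWS, Snowflake and collaboration tools), the "identity blast radius" definition above, and the last two practitioner items all describe the same graph: credentials are edges into systems, systems hold further credentials, and standing credentials keep those edges open indefinitely. The block below is an added example written for this page, not code from Apono or from any referenced product. It models a small constructed trust graph with a hypothetical attacker timeline in hours, and computes (a) the systems reachable from one compromised credential, (b) how that set shrinks when harvested credentials are time-bound, and (c) which credential to revoke first in a containment playbook. System names echo the narrative only as labels; nothing here reconstructs an actual victim environment.

```python
"""Added example: identity blast radius over a constructed trust graph.

A credential is an edge: whoever holds it reaches `reaches`. If a copy of the
credential sits inside some system (`stored_in`), an attacker who reaches that
system can harvest it and keep going. Timeline units are hours (constructed).
"""
from collections import deque
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple


@dataclass(frozen=True)
class Credential:
    cred_id: str
    reaches: str                 # system this credential grants access to
    stored_in: Optional[str]     # system holding a copy; None = only the rightful holder
    issued_at: int               # hour on the constructed timeline
    ttl_hours: Optional[int]     # None = standing access, never expires

    def valid_at(self, t: int) -> bool:
        if t < self.issued_at:
            return False
        return self.ttl_hours is None or t < self.issued_at + self.ttl_hours


def blast_radius(creds: List[Credential], start_cred: str, t: int
                 ) -> Tuple[Set[str], Dict[str, str]]:
    """Systems an attacker holding `start_cred` can reach at hour t.

    Breadth-first: from each reached system, every still-valid credential stored
    there becomes a new foothold (the 'search exfiltrated data for more secrets'
    step). Returns the reached set and, per system, the credential that opened it.
    """
    by_id = {c.cred_id: c for c in creds}
    stored: Dict[str, List[Credential]] = {}
    for c in creds:
        if c.stored_in:
            stored.setdefault(c.stored_in, []).append(c)
    reached: Set[str] = set()
    opened_by: Dict[str, str] = {}
    start = by_id.get(start_cred)
    if start is None or not start.valid_at(t):   # revoked or expired: nothing reachable
        return reached, opened_by
    queue = deque([start])
    opened_by[start.reaches] = start.cred_id
    while queue:
        c = queue.popleft()
        if c.reaches in reached:
            continue
        reached.add(c.reaches)
        for nxt in stored.get(c.reaches, []):
            if nxt.valid_at(t) and nxt.reaches not in reached:
                opened_by.setdefault(nxt.reaches, nxt.cred_id)
                queue.append(nxt)
    return reached, opened_by


def revoke(creds: List[Credential], cred_id: str) -> List[Credential]:
    """Containment step: the credential no longer exists as an edge."""
    return [c for c in creds if c.cred_id != cred_id]


def containment_order(creds: List[Credential], t: int) -> List[str]:
    """Revoke first the credential that unlocks the most downstream systems."""
    sized = [(len(blast_radius(creds, c.cred_id, t)[0]), c.cred_id) for c in creds]
    return [cid for _, cid in sorted(sized, key=lambda x: (-x[0], x[1]))]


def make_graph(harvested_ttl: Optional[int]) -> List[Credential]:
    """Same constructed graph; only the lifetime of harvested credentials differs."""
    return [
        # the integration token itself: standing in both variants
        Credential("drift-oauth", "salesforce", None, 0, None),
        # secrets an attacker can find inside exported CRM data (constructed)
        Credential("aws-key-in-case-notes", "aws", "salesforce", 0, harvested_ttl),
        Credential("snowflake-token-in-attachment", "snowflake", "salesforce", 0, harvested_ttl),
        # a further secret sitting inside the cloud account (constructed)
        Credential("slack-webhook-in-ssm", "slack", "aws", 0, harvested_ttl),
    ]


STANDING = make_graph(None)   # harvested credentials never expire
JIT = make_graph(2)           # harvested credentials live two hours

if __name__ == "__main__":
    for label, graph in (("standing", STANDING), ("jit", JIT)):
        reached, _ = blast_radius(graph, "drift-oauth", t=48)
        print(label, "reach at t=48h:", sorted(reached))
    print("containment order:", containment_order(STANDING, 48))
```

The same entry compromise yields a four-system blast radius when the harvested credentials are standing, and a one-system blast radius when they expire, because by the time the attacker has exfiltrated and searched the data the copies are dead. Revoking the entry token reduces the reachable set to nothing, which is why the containment order puts it first; revoking only a downstream key prunes one branch and leaves the rest, the point of the "validate which integrations inherited the same trust" step.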

Key takeaways

  • The Drift breach shows that compromised OAuth tokens can function as standing privileges across multiple connected systems.
  • The scale of the incident was broad, affecting more than 700 organisations and extending into several major SaaS and cloud platforms.
  • The control that matters most is lifecycle discipline for delegated credentials, especially revocation, scope minimisation, and just-in-time access.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

Framework                        | Control / Reference                   | Relevance
OWASP Non-Human Identity Top 10  | NHI-03 (Vulnerable Third-Party NHI)   | A compromised third-party integration's delegated credential is the entry point in this breach pattern.
OWASP Non-Human Identity Top 10  | NHI-07 (Long-Lived Secrets)           | Tokens with no expiry or revocation discipline turned the initial compromise into reusable standing access.
NIST CSF 2.0                     | PR.AA-05                              | Least-privilege and access governance apply to OAuth principals and downstream integrations.
NIST Zero Trust (SP 800-207)     | Tenets of Zero Trust (Section 2.1)    | Zero trust principles support continuous verification for connected principals.

Treat every integration as a governed identity and verify access continuously rather than assuming trust.


Key terms

  • OAuth Token: An OAuth token is a delegated credential that allows one application to act on behalf of another within defined scopes. In practice, it is a reusable authorization artefact, so its security depends on scope, storage, expiry, and revocation discipline rather than password secrecy.
  • Non-Human Identity: A non-human identity is any machine or software principal that authenticates and receives access, including service accounts, API keys, tokens, certificates, and AI agents. These identities need lifecycle governance because they can persist, spread, and accumulate privilege without human oversight.
  • Zero Standing Privilege: Zero standing privilege is an access model in which privileged permissions are not left continuously available. Access is granted only when needed, for the narrowest practical scope, and then removed again, reducing the window in which a compromised identity can be abused.
  • Identity Blast Radius: Identity blast radius is the amount of damage a compromised identity can cause before containment. It depends on scope, downstream trust, and how long the credential remains valid, which makes lifecycle controls and privilege minimisation the key limiting factors.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.

This post draws on content published by Apono: Beyond the Drift Breach: Securing Non-Human Identities with Zero Standing Privileges. Read the original.

NHIMG Editorial Note
Published by the NHIMG editorial team on 2025-09-05.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org