Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks www.bleepingcomputer.com/news/secu…

Hackers breached sales automation platform Salesloft to steal OAuth and refresh tokens from its Drift chat agent integration with Salesforce to pivot to customer environments and exfiltrate data.

Salesloft’s SalesDrift is a third-party platform that connects the Drift AI chat agent with a Salesforce instance, allowing organizations to sync conversations, leads, and support cases into their CRM.