Salesforce investigates new incident echoing Salesloft Drift compromise - Help Net Security

Salesforce is investigating unusual activity involving Gainsight-published apps connected to Salesforce, which may have led to unauthorized access to customer data. In response, Salesforce revoked access tokens and temporarily removed the apps from the AppExchange, stating there’s no indication of a Salesforce platform vulnerability. Threat actors linked to the Salesloft Drift compromise are suspected of exploiting Gainsight OAuth tokens, potentially impacting nearly 1000 organizations.