The company won’t negotiate or pay any extortion demand, Bloomberg reported Tuesday, citing a Salesforce email and comments from a company spokesperson.
Allen Tsai, a Salesforce spokesperson, told Bloomberg that the company is aware of extortion attempts and is in contact with affected customers to provide support.
The information was stolen earlier this year in a breach of Salesloft’s Drift app, which integrates with Salesforce, according to the report.
Other companies have also been impacted by the breach of Drift.
Cloudflare said Sept. 2 that information shared in its customer support system should be considered compromised because the company was affected by the breach of Drift, which allowed someone outside Cloudflare to access the Salesforce instance it uses for customer support and internal customer case management.
Advertisement: Scroll to Continue
“Most of this information is customer contact information and basic support case data, but some customer support interactions may reveal information about a customer’s configuration and could contain sensitive information like access tokens,” Cloudflare said at the time.
Cloudflare said it searched through the compromised data, found 104 Cloudflare API tokens, rotated those tokens and informed the customers whose data was compromised.
On Sept. 5, it was reported that the number of companies impacted by the cyberattack on Drift, and the ultimate severity of the attack, were unknown but that the data breaches that had been disclosed at that point raised concerns about social engineering attacks that could be strengthened by the data that was stolen.
Several companies had disclosed data breaches that resulted from the attack. The disclosures showed that the data that was stolen includes business contact information and support case content, which is information that is not as sensitive as that taken in other cyber incidents but could be used for social engineering attacks.
PYMNTS reported in August that the weakest link in a company’s cybersecurity defenses could be a trusted vendor, because companies’ reliance on vendors multiplies their own attack surface.
