By Sandeep Poonen
What happened
We recently became aware of a Salesloft Drift breach that impacted its third-party integrations. This attack has reportedly impacted hundreds of organizations, and we subsequently confirmed that the Salesloft Drift breach had resulted in the unauthorized access and export of certain Salesforce support case data related to a subset of our customers.
What we have done
Upon hearing about the incident, we immediately disabled this integration and began an investigation into the potential impact this vulnerability may have had on data in our IT systems.
We contacted the impacted customers about the incident, and our global support organization has been assisting customers with their questions.
To date, our investigation has indicated that: (1) The impacted data was limited to customer support case records within our Salesforce environment that contained certain fields that primarily included business contacts and/or information relating to the case such as the Subject field of the support case, the Description field of the support case, and in limited instances, support case correspondence, (2) No files, attachments, or other systems were impacted, and (3) Currently there is no evidence that the impacted data has been misused.
In addition, our investigation has ruled out any impact to Nutanix’s products and services. We see no ongoing risk of exploitation due to this Salesloft Drift vulnerability.
What happens next
We take this incident very seriously and have been collaborating closely with Salesforce and other security and forensics experts to continue investigating the incident and conduct ongoing threat analysis and monitoring. Our investigation into the details of the impacted data is still ongoing and we will provide more updates as appropriate.