GuruFocus

Salesforce Says No To Ransom After Drift App Hack

Salesforce (CRM) is standing its ground after hackers tried to shake it down for ransom. The company confirmed it won't pay the cybercrime group ShinyHunters, which claims to have stolen client data through a breach involving the Drift app, a third-party tool built by Salesloft that connects to Salesforce to automate customer service interactions.

In an email to customers, Salesforce said it refuses to negotiate or pay the group's extortion demand. The company explained that the hackers didn't breach Salesforce's own systems but instead exploited Drift's integration link. The stolen data, mostly basic contact details and IT configurations with some access tokens mixed in, was later posted for sale on a cybercrime forum.

The attack took place back in August, and Salesforce said its security teams quickly worked with Salesloft to contain the issue. They invalidated all active tokens, removed Drift from AppExchange, and notified affected users.

"This issue did not stem from a vulnerability in the core Salesforce platform," the company said, stressing that its main systems remain secure.