Hackers steal data from Salesforce instances in widespread campaign

Joseph K
Aug 25, 2025
1 min read

Hackers stole user credentials from Salesforce customers in a widespread campaign earlier this month, according to researchers at Google Threat Intelligence Group, who warned that the thefts could lead to follow-up attacks.

A threat actor that Google tracks as UNC6395 targeted Salesforce instances using compromised OAuth tokens that were associated with the customer engagement vendor Salesloft’s Drift AI chat agent.

https://www.cybersecuritydive.com/news/hackers-steal-data-salesforce-instances/758676/

Hackers steal data from Salesforce instances in widespread campaign

Comments

Recent Posts

AWS PartnerCast Highlights How Treehouse Software Replicates Mainframe Data to AWS Without Disruption

NBCUniversal, AWS, Adobe, and WPP Leaders Weigh AI Ad Innovation and IP Protection at CES

AUMOVIO and AWS Partner to Accelerate Safer, Scalable Autonomous Driving Development

AWS Introduces New Well-Architected Lens for Data Residency and Hybrid Cloud Compliance

GDIT Named AWS Global Defense Consulting Partner of the Year for Tactical Edge AI Innovation

Get In Touch

Headquarters

Seoul Office