Salesloft GitHub Breach Leads To Drift Customer Data Theft
Salesloft has confirmed that a breach of its GitHub account in March 2025 led to the theft of authentication tokens later used to target Drift customers. According to the company, attackers maintained unauthorized access for months, carrying out reconnaissance and downloading data from multiple repositories. This breach eventually enabled hackers to infiltrate Drift’s systems and steal sensitive OAuth tokens, raising concerns about data protection and the handling of customer security.
Image Credits:Andrew Brookes
Salesloft GitHub Breach Timeline Raises Security Questions
Investigations revealed that the Salesloft GitHub breach began in March and went undetected until June. During this time, hackers were able to add guest users, establish workflows, and exfiltrate content from private repositories. The delayed detection has sparked questions about the company’s overall cybersecurity measures and why it took months to identify suspicious activity. For many customers, this timeline highlights the importance of faster incident response strategies.
Impact Of The Drift Customer Data Theft
One of the most concerning outcomes of the Salesloft breach is the compromise of Drift’s cloud environment. By accessing authentication tokens, attackers could potentially exploit customer accounts, leading to risks such as data exposure, unauthorized access, and misuse of AI-powered marketing tools. While Salesloft stated the incident is now contained, the long-term implications for Drift users and other affected clients remain under close scrutiny.
Lessons From The Salesloft GitHub Breach
The Salesloft GitHub breach serves as a reminder that attackers increasingly target software development platforms and cloud environments to gain access to sensitive data. Organizations relying on SaaS and AI-powered platforms must enforce strong identity management, continuous monitoring, and strict token security. For Drift customers, the event underscores the importance of transparency and accountability in protecting customer data and maintaining trust in digital ecosystems.
