PagerDuty has confirmed that it skilled an information breach following a compromise of its Salesforce account.
The corporate was first alerted to the difficulty by Salesloft on August 20, 2025, when Salesloft notified PagerDuty of a safety drawback within the Drift software.
Just a few days later, on August 23, Salesloft revealed that attackers had exploited a vulnerability in Drift’s OAuth integration movement with Salesforce.
By this hijacked authorization course of, a risk actor might have gained unauthorized entry to PagerDuty’s Salesforce account. Importantly, no PagerDuty credentials—similar to usernames or passwords—have been uncovered throughout this incident.
On August 27, Salesloft really useful further steps for patrons who handle their very own Drift connections to third-party purposes.
PagerDuty has since disabled Salesloft Drift’s entry to its Salesforce knowledge whereas the corporate continues to analyze the incident.
At the moment, PagerDuty has discovered no proof that the attacker accessed the PagerDuty platform, inner programs, or any sources past Salesforce.
Nonetheless, as a result of names, cellphone numbers, and electronic mail addresses saved in Salesforce might have been uncovered, PagerDuty encourages all prospects and contacts to stay vigilant.
In mild of the potential publicity, PagerDuty warns of elevated danger of phishing and social engineering assaults.
The corporate stresses that it’s going to by no means name prospects to request a password or different safe particulars. All official communications from PagerDuty come solely by means of acknowledged assist channels.
The background and technical particulars of the safety concern have been shared by Salesloft, Salesforce, and the Google Risk Intelligence Group.
PagerDuty is intently following steering from these sources and can take any additional steps wanted to guard buyer knowledge.
The corporate pledges to maintain prospects knowledgeable of any new developments and to supply clear steering because the investigation progresses.
PagerDuty stays dedicated to the safety and privateness of its prospects. The corporate is reviewing its safety controls and dealing with Salesloft to strengthen the OAuth integration course of.
PagerDuty will proceed to share updates and proposals as they change into out there.
For extra info on the Salesloft Drift safety replace, please go to the Salesloft Belief website, the Salesforce standing web page, or the Google Cloud weblog submit from the Risk Intelligence Group.
PagerDuty thanks its prospects for his or her understanding and cooperation as the corporate works to resolve this concern and safeguard buyer knowledge.
Discover this Story Attention-grabbing! Comply with us on LinkedIn and X to Get Extra Instantaneous Updates.
