Hackers Exploit OAuth Tokens, Target 700 Salesforce Clients in Major Breach

September 1, 2025Source: Cybersecurity Dive

Found this useful? Share it with your network

Hackers targeting Salesforce customers have stolen user credentials via compromised OAuth tokens from Salesloft's Drift AI chat agent, affecting over 700 organizations. The attacks, executed between August 8 and 18, primarily aimed to harvest sensitive credentials such as AWS access keys and Snowflake tokens, without exploiting vulnerabilities in Salesforce itself. In response, Salesforce and Salesloft have acted to revoke access tokens and urged administrators to reauthenticate connections. This incident highlights significant security risks associated with third-party integrations in healthcare technology, emphasizing the need for enhanced vigilance and security protocols among healthcare professionals.

Read Full Article

Opens on Cybersecurity Dive

More News

AMA Asking For Stronger Safeguards on AI Mental Health Chatbots

April 29, 2026MobiHealthNews

Andrea Daugherty Appointed Chief Information and Digital Transformation Officer at ARMC

April 24, 2026arrowheadregional.org

Craig Richardville Appointed Chief Digital and Information Officer at UF Health

April 13, 2026ufhealth.org

Former AMA Exec Margaret Lozovatsky Named CDIO At Premier Health

April 10, 2026premierhealth.com

Signature Healthcare Diverts Ambulances Following Cybersecurity Incident

April 8, 2026SecurityWeek

More Than 100 Hospitals Suing HHS Over Alleged Underpayment

April 6, 2026MedCity News