The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft

Google has warned that hackers have stolen authentication tokens across a wide range of online services from cloud-based conversational marketing service Salesloft.
The software is used by thousands of firms to generate leads from customer interactions, with the stolen tokens allowing access to platforms including Salesforce, Slack, Google Workplace, Amazon S3, and Microsoft Azure, as well as Open AI.
Unidentified hackers, known as UNC6395, used the tokens to access a huge amount of data from corporate Salesforce instances.
According to the Google Threat Intelligence Group (GTIG), the hackers are looking for AWS keys, VPN credentials, and access to cloud storage service Snowflake.
The GTIG has said that the attack began on 8 August and ran until 18 August and involved data exfiltration associated with the campaign.
It advised organisations to consider their data compromised and to take immediate remedial action.
The stolen tokens also allowed access to a very small number of Google workstation accounts that were specially configured to integrate with Salesloft.

Fast Feed