4 September 2025

Salesforce Drift Compromise Highlights Cyber Risks To Supply Chains

Burness Paull


CRM giant Salesforce, and sales engagement platform Salesloft, recently announced that they are responding to a cyber security incident.

The security advisories issued by the company indicate that this may have resulted in unauthorised access to some customer organisations' data.

Customer relationship management and other cloud-based service models are attractive targets for threat actors. This incident is a timely reminder that any compromise may not just be a problem for the vendor; it has the potential to impact customers and users of any platform affected, bearing in mind platforms often work in conjunction with each other. While there are few details regarding the incident so far, it appears the incident originated in the Salesforce Drift application, a conversation-driven marketing platform. Drift can integrate with over 50 different platforms, meaning that the impact of this incident could be significant.

Cloud-based services present the opportunity for threat actors to compromise a vast network of customer businesses, given the extent of their integration. Often, the goal is to steal personal data and demand ransom payments, failing which the personal data will be published on the dark web. This exposes data controller organisations to the risk of regulatory intervention by the UK Information Commissioner's Office, as well as individual claims for compensation from affected individuals. There is also an increased risk of a direct cyber security incident involving customer companies, where stolen data could be used to enhance future attacks, through phishing or otherwise. Ultimately, this type of vendor cyber security incident shifts the risk profile for customers across the supply chain, and this change in risk should be managed proactively.

According to this year's Cyber Security Breaches Survey, many organisations are not properly managing the cyber security risk posed by their supply chains. Only 14% of UK businesses reviewed the risks posed by their immediate suppliers, and only 7% considered their wider supply chain. Larger organisations tended to take a more robust approach, with 45% of large businesses reviewing the cyber security risks posed by their immediate suppliers. Even so, this means that over half of large UK businesses are not properly considering the security implications of their third-party providers.

In our previous blogs and insights, we consider what organisations should be doing to properly manage their data risks.

A cyber attack on your vendor could result in a cyber attack on you or any customer in the supply chain. It is prudent to review risk registers in relation to any known incident affecting relevant vendors and consider any immediate actions, including security audits and awareness and training for employees.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
