- Cloudflare confirms losing sensitive customer data from its account
- The attackers moved in after compromising Salesloft’s Drift platform
- Cloudflare’s infrastructure remains intact
Cloudflare has become the latest tech giant to be added to the growing list of companies compromised through the Salesloft Drift breach.
The content delivery network[1] firm has confirmed the breach, saying it rotated potentially exposed secrets, and notified customers whose data might have been compromised, in response.
104 tokens
In Cloudflare’s case, most of the information stored in the affected account is customer contact information and “basic support case data”, but the company is still warning about hackers potentially using this information in attacks.
“Some customer support interactions may reveal information about a customer’s configuration and could contain sensitive information like access tokens,” it said in a statement.
“Given that Salesforce[2] support case data contains the contents of support tickets with Cloudflare, any information that a customer may have shared with Cloudflare in our support system—including logs, tokens or passwords—should be considered compromised, and we strongly urge you to rotate any credentials that you may have shared with us through this channel.”
When Cloudflare analyzed the incident from its side, it found 104 Cloudflare API tokens. While it would appear that no one managed to abuse them in the meantime, the company still rotated them, to be on the safe side.
“No Cloudflare services or infrastructure were compromised as a result of this breach,” it confirmed.
You might also like
References
- ^ content delivery network (www.techradar.com)
- ^ Salesforce (www.techradar.com)
- ^ BleepingComputer (www.bleepingcomputer.com)