Home / Security updates / Salesloft Drift Vulnerability
Salesloft Drift Vulnerability
Security updates detail rendered from /security-updates/upd_899d37c8339210fd.
Overview
| ID | upd_899d37c8339210fd |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Broadridge |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_899d37c8339210fd |
| providerId | safebase |
| organizationId | org_d6453fb8c77f0b6a |
| trustCenterId | tc_c6ca607ff40394b4 |
| title | Salesloft Drift Vulnerability |
| message | Threat Response September 10, 2025 BROADRIDGE RESPONSE STATEMENT On September 3rd, Broadridge was notified about a recent vulnerability regarding Salesloft Drift. The Salesloft Drift security breach was a significant supply chain attack that compromised OAuth and refresh tokens linked to the Drift AI chatbot platform. This breach enabled threat actors, identified as UNC6395, to access and exfiltrate sensitive data from Salesforce instances and other integrated systems. To defend against this exploit, Salesloft temporarily disabled the Drift platform on September 5, 2025, to prevent further unauthorized access while also urging companies using Drift to continue to closely monitor their internal systems. Organizations that are affected were advised to revoke all OAuth tokens and rotate credentials that may be associated with Drift instances. In response to the Salesloft Drift vulnerability, Broadridge has investigated and identified that no instances of Salesloft or Drift are |
| url | - |
| publishedAt | 2025-09-10 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_d6453fb8c77f0b6a",
"name": "Broadridge",
"domains": [
"trust.broadridge.com",
"broadridge.com"
]
} |
| trust_center | {
"id": "tc_c6ca607ff40394b4",
"name": "Broadridge",
"url": "https://trust.broadridge.com",
"host": "trust.broadridge.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_899d37c8339210fd",
"company": "/v1/companies/org_d6453fb8c77f0b6a",
"trust_center": "/v1/trust-centers/tc_c6ca607ff40394b4",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_899d37c8339210fdJSON