Essential Insights
- Dynatrace confirmed a third-party data breach via the Salesloft Drift application, exposing only customer business contact information in Salesforce CRM, with no impact on core products or sensitive data.
- The breach originated in August 2025 when attackers compromised Salesloft’s Drift app, gaining unauthorized access to Salesforce environments of affected clients, including Dynatrace.
- Dynatrace responded by disabling the compromised app, launched an investigation with cybersecurity experts, and verified that no customer support cases or sensitive data were accessed.
- The company advises customers to remain vigilant against social engineering, clarifies that no sensitive credentials were compromised, and emphasizes that employees will never request passwords or MFA info via phone or email.
Key Challenge
In August 2025, a cybersecurity breach originated from the compromise of Salesloft’s Drift application, a third-party tool used for customer engagement, which inadvertently affected Dynatrace—an observability company managing customer relations via Salesforce CRM. Threat actors exploited the vulnerability to gain unauthorized access to Dynatrace’s Salesforce environment, exposing only business contact information such as names and company identifiers, but not sensitive credentials or financial data. While Salesforce and Salesloft swiftly acted to disable the compromised connections and notify affected clients—including Dynatrace—they confirmed that their core products and sensitive customer environments remained unaffected. Dynatrace responded rapidly by disconnecting the compromised app, launching a thorough investigation with cybersecurity experts, and reassuring stakeholders that no disruptions or sensitive data breaches occurred beyond contact details. In light of the incident, the company advised its customers to remain vigilant against social engineering attacks, emphasizing that its staff would not request sensitive information via email or phone, and ultimately ensured that the breach was contained and rectified, with secure connections restored by early September 2025.
Risks Involved
In August 2025, Dynatrace was affected by a third-party data breach originating from the Salesloft Drift application, which compromised its Salesforce CRM used for customer contact management, leading to unauthorized exposure of business contact information—including names and company identifiers—while leaving core products, sensitive data, and customer environments unaffected. The breach, stemming from the compromise of a third-party engagement tool, prompted immediate actions such as disabling the affected connections and engaging cybersecurity experts to assess the scope, confirming that no critical or sensitive data, such as credentials or financial information, was accessed. Although operations remained stable, the incident heightened risks of social engineering and phishing, prompting Dynatrace to advise customers to exercise vigilance and verify communication sources, emphasizing its commitment to transparency and the limited scope of the breach’s impact.
Possible Remediation Steps
Addressing a security breach where hackers access customer data in Salesforce is critical to protect sensitive information, maintain customer trust, and comply with legal regulations. Prompt and effective remediation minimizes damage and prevents future attacks.
Immediate Containment
- Isolate affected systems
- Disable suspicious user accounts
- Revoke compromised credentials
Security Assessment
- Conduct thorough logs review
- Identify breach entry point
- Assess extent of data accessed
Enhance Defense Measures
- Update passwords and security questions
- Implement multi-factor authentication
- Apply patches and updates to Salesforce
Notification & Reporting
- Inform affected customers
- Report breach to authorities as required
- Document incident details
Future Prevention
- Conduct staff security training
- Regularly review access controls
- Schedule frequent security audits
Stay Ahead in Cybersecurity
Explore career growth and education via Careers & Learning, or dive into Compliance essentials.
Learn more about global cybersecurity standards through the NIST Cybersecurity Framework.
Disclaimer: The information provided may not always be accurate or up to date. Please do your own research, as the cybersecurity landscape evolves rapidly. Intended for secondary references purposes only.
Cyberattacks-V1
