Dynatrace Confirms Data Breach: Hackers Accessed Customer Data From Salesforce
\n \t
\n
<\/BR>
\n
\n \t
\n
<\/BR><\/p>\n
Dynatrace has confirmed it was impacted by a third-party data breach originating from the Salesloft Drift<\/a> application, resulting in unauthorized access to customer business contact information stored in its Salesforce CRM.<\/p>\n The company confirmed that the incident was limited to its CRM platform and did not impact any core Dynatrace products, services, or sensitive customer environments.<\/p>\n The security incident originated in August 2025, when threat actors compromised Salesloft\u2019s Drift application, a popular third-party tool used for customer engagement. <\/p>\n This compromise allowed the attackers to gain unauthorized access to the Salesforce environments of companies utilizing the app. <\/p>\n In response to the attack, Salesloft and Salesforce<\/a> moved to disable the compromised connections and began notifying affected clients, which included the observability giant Dynatrace.<\/p>\n Upon receiving notification of the third-party breach, Dynatrace\u2019s security team took immediate action by disabling the Drift application within its environment to sever the connection and prevent further unauthorized access. <\/p>\n The company launched a comprehensive investigation, bringing in third-party cybersecurity experts to determine the full scope of the incident.<\/p>\n The investigation confirmed that the malicious activity was limited exclusively to its Salesforce CRM instance, which the company uses for managing customer relationships and marketing activities. <\/p>\n Critically, Dynatrace clarified<\/a> that none of its own products or services were compromised. This includes any systems that house customer data or services that directly interface with customer systems.<\/p>\n Furthermore, the company reported that it does not utilize the \u201ccase function\u201d within Salesforce, meaning no customer support case information was accessible to the attackers. <\/p>\n Dynatrace assured stakeholders that the incident caused no disruption to its business operations. The data exposed <\/a>in the breach is limited to business contact information. This includes the first and last names of customer contacts and their associated company identifiers.<\/p>\n No sensitive credentials, financial details, or other confidential information were accessed. After a period of investigation and remediation, Salesloft notified Dynatrace on September 7th that the secure connections had been re-enabled.<\/p>\n In light of the exposure of business contact information, Dynatrace has issued guidance to its customers, urging them to exercise increased caution against potential social engineering and phishing campaigns. <\/p>\n The company emphasized that its employees will never contact customers via phone or email to request passwords, multi-factor authentication (MFA) codes, or other sensitive credentials. <\/p>\n Customers are advised to be vigilant and verify that all communications and links originate from trusted Dynatrace domains. <\/p>\n Confirmed victims of this supply chain attack include:<\/p>\n Find this Story Interesting! Follow us on Google News<\/a>,\u00a0LinkedIn<\/a>,\u00a0and\u00a0X<\/a>\u00a0to Get More Instant Updates<\/strong>.<\/p>\n The post Dynatrace Confirms Data Breach: Hackers Accessed Customer Data From Salesforce<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\nDynatrace\u2019s Response And Investigation<\/strong><\/h2>\n
\n