Salesforce (CRM) shares slipped 2.5% on Tuesday after the company confirmed that hackers had accessed customer data through a third-party integration rather than Salesforce’s own systems.
Elevate Your Investing Strategy:
- Take advantage of TipRanks Premium at 50% off! Unlock powerful investing tools, advanced data, and expert analyst insights to help you invest with confidence.
The incident stems from a vulnerability in Drift, a customer-communication tool developed by SalesLoft Inc. According to internal messages cited by Bloomberg, Salesforce has “credible intelligence” that the hacker group known as ShinyHunters plans to release the stolen information publicly.
Moreover, the company stressed that its core infrastructure remains secure and that the breach was limited to partner software. Salesforce said it continues to work with affected customers and law enforcement agencies as investigations progress.
Company Rejects Ransom Demands and Supports Clients
Salesforce said it will not give in to ransom demands made by the attackers. The decision follows growing corporate resistance to cyber extortion, as paying often fails to prevent data leaks and can encourage further attacks.
The company confirmed that the compromised data primarily includes contact details and technical support records. In certain cases, authentication tokens and configuration information were also exposed.
Adding to this, Salesforce stated that it is assisting all impacted organizations directly and reviewing its partner integrations to ensure stricter compliance with its security protocols.
SalesLoft Responds and Security Measures Intensify
SalesLoft, the developer of the affected Drift application, issued its own advisory on August 19 urging users to regenerate access tokens linking Drift and Salesforce. This warning followed an alert from Google’s (GOOGL) Threat Intelligence team about a broader campaign targeting cloud-based integrations.
Since then, Salesforce has disabled all connections with SalesLoft technologies to prevent further risks. This step is part of a larger effort to harden its ecosystem and protect users from attacks exploiting third-party software.
Furthermore, the company said it is accelerating audits of all external apps operating within its environment, reflecting a wider industry trend as cloud platforms face rising threats from vendor-linked breaches.
Cybersecurity Risks Broaden across Cloud Platforms
The Salesforce incident serves as a cautionary tale about how interconnected systems have become a growing target for attackers. Even when a primary platform remains uncompromised, weak links in partner networks can expose sensitive data.
Security experts say this event could push more cloud providers to tighten rules for third-party integrations and increase real-time monitoring of connected applications. For Salesforce, the priority now is to rebuild customer trust and demonstrate that its security framework can adapt quickly to evolving threats.
Is Salesforce Stock a Buy, Sell, or Hold?
Wall Street analysts remain cautiously optimistic on Salesforce (NYSE: CRM). Based on 39 analyst ratings over the past three months, the stock carries a “Moderate Buy” consensus, supported by 30 Buys, eight Holds, and only one Sell recommendation.
The average 12-month CRM price target sits at $332.59, implying a potential 38.73% upside from the current price.
