Google advises the users of the AI Salesloft Drift chat agent to consider all security tokens connected to the platform committed after the discovery that the unknown attackers used some of the credentials to access the email from the Google work space accounts.
In response, Google has revoked the tokens that were used in the infractions and the disabled integration between the Salesloft derivation agent and all the work space accounts as it investigates more. The company has also notified all holders of accounts affected by the commitment.
The expanded scope
The discovery, reported Thursday in a Advice updateIt indicates that a rape of Drift of Salesloft that reported on Tuesday is broader than what was previously known. Before the update, the members of the Google threat intelligence group said that the compromised tokens were limited to Salesloft drift integrations with Salesforce. The commitment of work space accounts led to Google to change that evaluation.
There are no indications that other Salesloft services are affected.
“According to the new information identified by GTIG, the scope of this commitment is not exclusive to the integration of Salesforce with Salesloft Drift and impacts other integrations,” said Thursday’s update. “Now we advise all Salesloft Drift customers to treat each and every one of the authentication tokens stored or connected to the drift platform as potentially committed.”
On Thursday, the Salesloft Security Guide page He did not refer to the new information and, on the other hand, continued to indicate that the violation affected only the integrations of drift with Salesforce. The company’s representatives did not immediately respond to an email that seeks the confirmation of Google’s finding.
#Google #warns #theft #massive #data #reaches #Salesloft #agent #grown
