Last week, Proofpoint was notified by Salesforce of suspicious activity related to the third-party Drift application, published by Salesloft. This activity indicated potential unauthorized access to Proofpoint’s Salesforce environment. Proofpoint immediately took action and launched an investigation.
At this time, there is no evidence that this supply chain incident affected Proofpoint’s software, services, security products, customer-protected data, or internal corporate network.
Prior to notifying Proofpoint, Salesforce acted to reduce risk by disabling all Drift application instances across its platform. The application has since been removed from the Salesforce AppExchange. Out of an abundance of caution, Proofpoint also deactivated the Drift application and disconnected it from our Salesforce environment. Proofpoint remains in contact with both Salesforce and Salesloft regarding this matter.
Current findings confirm that an unauthorized actor accessed Proofpoint’s Salesforce tenant through the compromised Drift integration and viewed certain information stored in our Salesforce instance.
If further analysis determines that sensitive data was accessed or misused, Proofpoint will notify any affected individuals or organizations consistent with our contractual obligations and applicable regulatory requirements.
Proofpoint remains committed to transparency and will continue to provide timely updates to stakeholders and the broader community as more information becomes available.
