When was PagerDuty notified about the Salesloft Drift breach?

PagerDuty was notified by Salesloft on August 20, 2025, of a security issue in the Drift application, with recommendations for further actions provided on August 27, 2025. This was part of the broader notification process as Salesloft informed affected customers about the OAuth integration compromise.

What customer data was exposed in the PagerDuty breach?

The exposed data includes names of customers and contacts, phone numbers, email addresses, and potential additional Salesforce-related business contact information. The compromise was limited to customer contact information rather than technical or sensitive operational data.

How many PagerDuty customers were affected by the breach?

The number of affected PagerDuty customers and individuals has not been disclosed by the company. PagerDuty has not provided specific figures regarding the scope of customer data that may have been compromised.

Was the PagerDuty platform itself compromised in this incident?

No, PagerDuty has confirmed that the breach was limited to data stored in its Salesforce system and claims there is no indication that attackers gained access to the PagerDuty platform itself or any other internal systems or resources beyond Salesforce.

Was this PagerDuty breach part of a larger attack campaign?

Yes, the PagerDuty breach was part of the broader Salesloft Drift security incident that affected multiple organizations globally. Attackers exploited vulnerabilities in the OAuth integration to access Salesforce environments across numerous companies that used the Drift application.

What should PagerDuty customers do to protect themselves after this breach?

PagerDuty customers should be vigilant for phishing attempts and social engineering attacks using their exposed contact information, verify the authenticity of any unexpected communications claiming to be from PagerDuty through official support channels, be suspicious of unsolicited phone calls requesting sensitive information, monitor their accounts for suspicious activity, and report any suspicious communications to PagerDuty through established channels.

What systems and data remained secure during the PagerDuty incident?

According to PagerDuty, the core PagerDuty platform, internal systems, and operational data remained secure and were not accessed by the attackers. The breach was isolated to customer contact information stored in the company's Salesforce environment, with no indication of compromise to the incident management platform or other critical systems.

Incident

PagerDuty confirms customer data breach in Salesloft Drift supply chain attack

Q: What happened to PagerDuty in the Salesloft Drift security incident?

PagerDuty reported that customer data was potentially compromised following a security incident involving Salesloft's Drift application. The breach was caused by attackers exploiting vulnerabilities in the Salesloft Drift OAuth integration with Salesforce, enabling unauthorized access to customer information stored in PagerDuty's Salesforce instance.

Q: How can customers verify legitimate communication from PagerDuty?

PagerDuty has reassured customers that it will never contact anyone by phone to request passwords or other secure details, and that all official communication from PagerDuty comes through established support channels. Customers should be suspicious of any unsolicited calls requesting sensitive information.

published: Sept. 2, 2025

Learn More

PagerDuty is reporting that customer data was potentially compromised following a security incident involving Salesloft's Drift application. The company was notified by Salesloft on August 20, 2025, of a security issue in the Drift application, and recommendations for further actions on August 27, 2025.

The breach was caused by attackers exploiting vulnerabilities in the Salesloft Drift OAuth integration with Salesforce, enabling unauthorized access to customer information stored in PagerDuty's Salesforce instance.

Exposed data includes:

Names of customers and contacts
Phone numbers
Email addresses
Potential additional Salesforce-related business contact information

The number of affected PagerDuty customers and individuals has not been disclosed.

PagerDuty has confirmed that the breach was limited to data stored in its Salesforce system and claims that there is no indication that attackers gained access to the PagerDuty platform itself or any other internal systems or resources beyond Salesforce.

As a precautionary measure, PagerDuty is advising customers to be careful regarding potential phishing and social engineering attacks, given the exposure of personal contact information. The company has reassured customers that it will never contact anyone by phone to request passwords or other secure details, and that all official communication from PagerDuty comes through established support channels.

PagerDuty confirms customer data breach in Salesloft Drift supply chain attack

Read More
Renault reports that UK customer data was exposed …
Pacific Life Insurance Company formally reports third party …
Microlise reports cyberattack, data breach
Dollar Tree reports third-party data breach, exposing 2 …
Hackers linked to Iran leak data of Israeli …