Palo Alto Networks Data Breach: Supply-Chain Attack Exposes Sensitive Info
Palo Alto Networks has revealed a significant data breach, part of a larger supply-chain attack that has affected numerous companies. The breach, linked to the Salesloft Drift incident, has potentially exposed sensitive information, including IT details and passwords from support tickets.
The attack has hit several prominent companies besides Palo Alto Networks, including Google, Zscaler, PagerDuty, Cato, CyberArk, Tenable, and Proofpoint. The exposed data primarily consists of business contact information, internal sales accounts, and basic case data related to customers.
Threat actors behind the breach mass-exfiltrated Salesforce data and scanned for credentials. They gained access to customer data and support cases via stolen OAuth tokens. Palo Alto Networks promptly rotated all exposed credentials, including Salesforce API keys and connected app credentials, to mitigate the risk.
The Salesloft Drift supply-chain attack has had a wide impact, affecting multiple companies and exposing sensitive business information. Palo Alto Networks, Google, Zscaler, and other affected companies have taken steps to secure their systems and protect their customers' data. The investigation into the breach continues.
Read also:
- Thieves Steal Unique Sculptures from Redwood National Park's Grove of Titans
- Stellantis Pivots US Strategy: Drops Electric Dodge Charger, Embraces V8s
- Thessaly's Climate Plan Stalls Two Years After Storm Daniel Devastation
- Strategizing the Integration of Digital Menus as a Core Element in Business Operations
