Urgent Security Alert: Google Disables Salesloft & Drift Integrations After Breach
A significant security incident involving popular sales and marketing platforms, Salesloft and Drift, has prompted Google to take decisive action to protect user accounts. If your organization relies on these tools integrated with Google Workspace or Gmail, this is a critical update that requires your attention.
Google has begun notifying administrators and users that it has proactively disabled all integrations with Salesloft and Drift following the discovery of a security breach within the two companies. This precautionary measure aims to prevent any potential unauthorized access to Google user data.
What Happened? A Look at the Breach
According to reports, the security issue did not originate within Google’s systems. Instead, an unauthorized third party successfully gained access to the networks of both Salesloft and Drift. This breach reportedly compromised authentication tokens—the digital keys that allow these platforms to securely connect and interact with your Google account.
With these tokens potentially in the wrong hands, there is a risk of unauthorized access to sensitive information within a user’s Google account, including emails, contacts, and calendar data.
Key points to understand about this incident:
- The breach originated with third-party platforms, not Google.
- The primary risk involves compromised authentication tokens used for Google integrations.
- As a protective measure, Google has severed the connection between its services and the affected platforms for all users.
Who is Affected by This?
This security event impacts any individual or organization that has authorized Salesloft or Drift to access their Google account. This includes a vast number of sales, marketing, and business development teams who depend on these tools for core functions like email tracking, scheduling, and customer communication.
If you have ever connected your Google account to either platform, you should assume you are affected and take immediate steps to secure your account.
Your 4-Step Security Checklist: What to Do Right Now
While Google’s action of disabling the integrations is a crucial first step, it is essential to remain vigilant. Follow these steps to ensure your account and data remain secure.
Audit Your Connected Apps: Go to your Google Account security settings and review all third-party applications with access to your account. You can find this under the “Security” tab, typically in a section called “Third-party apps with account access.” Revoke access for any application you no longer use or recognize.
Monitor for Suspicious Activity: Carefully review your recent Google account activity for any unusual behavior. Check your sent email folder for messages you didn’t write, examine your calendar for appointments you didn’t create, and look through your Google Drive for any unfamiliar file activity.
Strengthen Your Account Security: Although your Google password was not directly compromised in this incident, this is a perfect time for good security hygiene. Consider changing your Google account password and, most importantly, enable two-factor authentication (2FA) if you haven’t already. 2FA provides a critical layer of security that can prevent unauthorized access even if your password is stolen.
Await Official Communication: Do not attempt to re-establish the connection to Salesloft or Drift until the companies and Google have officially declared the issue resolved. Keep an eye out for direct communication from Salesloft, Drift, or your Google Workspace administrator for instructions on when and how to safely re-authenticate the services.
The Broader Lesson on Third-Party Security
This incident serves as a powerful reminder of the inherent risks associated with third-party app integrations. While these tools offer incredible productivity boosts, they also create potential security vulnerabilities. Every time you grant an application access to your data, you are placing trust in that company’s security practices.
Businesses should regularly vet their software vendors and maintain a clear inventory of all integrated applications. By practicing diligent digital security and responding quickly to incidents like this one, you can significantly reduce your risk exposure in an interconnected digital world.
Source: https://securityaffairs.com/181686/cyber-crime/google-salesloft-drift-breach-hits-all-integrations.html
