In a stunning display of corporate transparency (and by “stunning” we mean “like being tased in the face”), Cloudflare has proudly announced that your Salesforce data took a week-long vacation in mid-August—complete with guided tours by an uninvited threat actor.
The breach reportedly came courtesy of Salesloft Drift, a third-party support tool whose main feature is “drifting your credentials into the hands of strangers.” Hackers waltzed through Salesforce tenants at multiple companies like kids on a field trip, stopping at Cloudflare’s cubicle for juice boxes and customer contact info.
Cloudflare reassures customers:
- “Our core infrastructure wasn’t touched.” Translation: Only the stuff you care about, like your account data and support requests, was rummaged through.
- “Attachments weren’t impacted.” Translation: Congratulations, your PDF of firewall settings wasn’t stolen. Just literally everything you typed into support tickets.
- “We recommend rotating all credentials, API keys, and possibly your entire personality.”
Customers are advised to log into the Cloudflare Support Portal to confirm what secrets were exposed. If you can’t log in, you’re invited to open a brand-new case, thereby feeding fresh information into the very system that was just compromised.
Security experts applauded the statement as a “perfect storm of corporate jargon,” noting that Cloudflare managed to use the phrase “digital supply chain risk” six times without once admitting, “We got totally owned.”
Meanwhile, hackers were last seen sifting through support cases debating which was juicier: password reset logs or the desperate all-caps email from a customer demanding, “WHY IS MY WEBSITE DOWN???”
In summary: rotate your keys, hug your data, and remember—when one company gets breached, the whole internet gets a participation trophy. 🏆