We are only one week into September, and yet another attack, another security breach that the world has to worry about. This time it’s Cloudflare, a major internet security company that experienced a data breach (a hack, in this case). The hackers, with precision, broke into Cloudflare’s Salesforce system (where the company’s customer support data is). Well, the hack is such a big deal because it wasn’t just Cloudflare. It was part of a global supply chain attack that impacted several other companies as well. How severe was the hack? What happened afterward? Were any major companies involved? Learn more.
How the Cloudflare Hack Happened?
- The hackers, as usual, found a vulnerability in this case in a tool called Salesloft Drift chatbot.
- This bug gave them a way to sneak into Salesforce systems used by many organizations worldwide.
- The hackers started looking for a loophole on August 9, 2025.
- Exactly after 3 days (on August 12, 2025), they broke into the system.
- They stayed inside the system for the next 5 days (till August 17, 2025), stealing the important data.
What Data Was Stolen From Cloudflare?
They stole data from Customer support cases in Salesforce, and looked for:
- Customer names and contact details
- Case subject lines
- The written conversation in those tickets
However, Cloudflare informs the customer not to share any sensitive details in the tickets. But somehow, a few leave their passwords, API keys, or logs, and mostly those were at risk.
What Wasn’t Stolen?
- Hackers didn't touch Attachments (files sent in cases).
- Cloudflare’s core systems or infrastructure.
How Many Were Affected?
After an investigation, it was found that about 104 of its own API tokens were stolen. But to everyone's surprise, none were used by the hackers, so Cloudflare quickly replaced them.
How Cloudflare Responded?
- Salesforce and Salesloft warned Cloudflare about the breach on August 23, 2025.
- Cloudflare quickly disabled the Drift integration (from where the hacker entered).
- Replaced all login details linked to Salesforce.
- Duly conduct a review into the stolen data, see who and how many were affected.
- And finally, on September 2, 2025, Cloudflare informed its affected customers of the same.
Cloudflare’s Statement On the Hack
In a statement, Cloudflare said, “We are responsible for the choice of tools we use in support of our business. This breach has let our customers down. For that, we sincerely apologize.”
And also urged the users to change their passwords or keys that might have been shared in support tickets, just in case.
Which Other Major Companies Were Affected?
Here's the list:
Palo Alto Networks → Business contact information and internal sales data of the company were stolen by hackers.
Zscaler → Key information like customer names, contact details, and some support case information was stolen.
Google → Only a small percentage of Workspace accounts were accessed via the stolen tokens.
The companies are investigating the issues, and more details on the same are yet to come out.
Why Does the Attack Matter?
We know how vital integrations in tech tools are, but they come at a cost. This hack is the classic example of security risks coming from third-party tools (like chatbots or integrations). No matter how strong you are on the security end, it is equally important to partner with those alike.
Original Article
(Disclaimer – This post is auto-fetched from publicly available RSS feeds. Original source: Startuptalky. All rights belong to the respective publisher.)
