Tenable Response to Salesforce and Salesloft Drift Incident
At Tenable, we take transparency seriously, especially when it comes to protecting our customers’ data. We recently learned of a widespread data theft campaign involving the integration of Salesforce and Salesloft Drift, and Tenable was among the many organizations impacted. In line with our commitment to transparency and data protection, we made impacted customers aware of the details as quickly as possible. Importantly, we assured them that Tenable products and any data within the Tenable product suite were not impacted.
Our ongoing investigation found evidence that an unauthorized user had access to a portion of some of our customers’ information stored in our Salesforce instance, including subject lines and initial descriptions provided by our customers when opening a Tenable support case, and commonly available business contact information (such as names, business email addresses, phone numbers, and regional/location references). At this time we have no evidence that any of this information has been misused.
Tenable has robust controls in place and have taken immediate action to address this issue, including:
- Revoked and Rotated Credentials: Revoked and rotated all potentially compromised Salesforce, Drift and associated integrations (or systems) credentials.
- Secured Our Systems: Further hardened our Salesforce environment and other connected systems to reduce the likelihood of a future exploitation.
- Disabled and Removed the Application: Disabled and removed the Salesloft Drift application from our Salesforce instance and all applications that integrated with Salesloft.
- Actioned Indicators of Compromise: Applied known available indicators of compromise shared by Salesforce and leading cybersecurity experts.
- Maintained Continuous Monitoring: Ongoing monitoring of our Salesforce and other SaaS solutions utilizing our established SSPM technology for exposures and unusual activity.
The security and privacy of our customers’ data are critical to us, and we strongly recommend that our customers take the proactive steps recommended by Salesforce and leading cybersecurity experts, which can be viewed here.
At Tenable, we are committed to a transparent and thorough response to any security issue. Our team is working around the clock to safeguard our systems and our customers’ data, and will update as appropriate.
Need Assistance?
If you have concerns or need additional support, Tenable’s Support teams are available at [email protected].
Robert Huber
Chief Security Officer, Head of Research and President of Tenable Public Sector
As Tenable’s Chief Security Officer, Head of Research and President of Tenable Public Sector, LLC, Robert Huber oversees the company's global security and research teams, working cross-functionally to reduce risk to the organization, its customers and the broader industry. He has more than 25 years of cyber security experience across the financial, defense, critical infrastructure and technology sectors. Prior to joining Tenable, Robert was a chief security and strategy officer at Eastwind Networks. He was previously co-founder and president of Critical Intelligence, an OT threat intelligence and solutions provider, which cyber threat intelligence leader iSIGHT Partners acquired in 2015. He also served as a member of the Lockheed Martin CIRT, an OT security researcher at Idaho National Laboratory and was a chief security architect for JP Morgan Chase. Robert is a board member and advisor to several security startups and served in the U.S. Air Force and Air National Guard for more than 22 years. Before retiring in 2021, he provided offensive and defensive cyber capabilities supporting the National Security Agency (NSA), United States Cyber Command and state missions.
Related articles
Tenable Cloud Security To Help Fed Agencies Tackle Cloud Challenges as It Nears FedRAMP Authorization
As federal agencies adopt a cloud-first policy, they face unique challenges in securing cloud infrastructure. Learn how Tenable Cloud Security, which is now FedRAMP "In Process," can help.
Tenable Customer Update about CrowdStrike Incident
Please read this important customer update about CrowdStrike's recent incident.
Tenable Announces Former Senior Administration Officials to Inaugural Public Sector Advisory Board
Rob Joyce and Mark Weatherford will help Tenable shape federal cyber and AI policy
- Announcements