Getting Started
Configuring Your Account
Understand Billing
Publishing
Analytics & Reporting
Engagement
AI and Automation
Social Listening
Sprout Integrations
Tagging
Customer Care
Salesforce Service Cloud
Instagram
Facebook
X
Tiktok
Threads
WhatsApp
LinkedIn
YouTube
Pinterest
Bluesky
Getting Started
Configuring Your Account
Understand Billing
Publishing
Analytics & Reporting
Engagement
AI and Automation
Social Listening
Sprout Integrations
Tagging
Customer Care
Salesforce Service Cloud
Instagram
Facebook
X
Tiktok
Threads
WhatsApp
LinkedIn
YouTube
Pinterest
Bluesky

Salesloft Drift Security Incident - September 12, 2025

Table of Contents

A recent security incident involving Salesloft's Drift, a third-party integration, has impacted numerous organizations worldwide, including Sprout Social. This incident allowed threat actors to access Salesforce environments across affected companies. For Sprout, the unauthorized access was limited to our Salesforce CRM data and may have included business contact details (names, professional email addresses, phone numbers, job titles), basic organizational information, account status information, Salesforce object metadata, and field summaries.

No Sprout Social product or services were impacted, and, importantly, no sensitive customer data was affected, such as platform data, authentication credentials, API keys, payment details, or support case information.

Sprout Action

Upon learning of this incident, our security team implemented comprehensive containment protocols:

  • Severed all connections between Salesforce and Drift immediately
  • Deactivated the Drift integration and invalidated all associated access tokens
  • Audited all Salesforce API credentials
  • Confirmed no evidence of persistent threats or lateral movement within our systems

Staying Protected Together

Given that many other organizations have experienced this incident, heightened awareness remains crucial. Bad actors may attempt to exploit the exposed contact information through:

  • Sophisticated phishing emails appearing to come from Sprout Social
  • Unexpected phone calls requesting sensitive information
  • Social engineering attempts to reference legitimate business relationships

Salesloft has published additional information and recommendations on their blog, which you should review. 

Moving Forward

Security isn't just a priority; it's fundamental to everything we do. We're using this incident to further strengthen our third-party risk management and will continue investing in protective measures that safeguard your trust.

Our support teams stand ready to address any questions or concerns you may have about this incident. You can contact them at support@sproutsocial.com 

Was this article helpful?

0 out of 0 found this helpful

Table of Contents