
PagerDuty Acknowledges Data Breach Following Vulnerability in Third-Party Application Exposing Salesforce Information

PagerDuty, a leader in digital operations management, has confirmed a security incident that resulted in unauthorized access to some of its data stored in Salesforce. The company stated that no PagerDuty platform credentials were compromised and that the breach stemmed from a vulnerability in a third-party application, Salesloft Drift.

The timeline of the incident began on August 20, 2025, when PagerDuty was first notified by Salesloft about a potential security issue related to its Drift application. Three days later, on August 23rd, Salesloft confirmed that attackers had exploited a vulnerability in Drift’s OAuth integration with Salesforce. This “hijacked authorization process” allowed a threat actor to gain unauthorized access to PagerDuty’s Salesforce instance. PagerDuty emphasised that the breach was limited in scope, stating, “We have not seen any indication that access to the PagerDuty platform or any other internal systems or resources beyond Salesforce may have occurred.”

Upon learning of the compromise, PagerDuty immediately disabled Salesloft Drift’s access to its Salesforce data and is conducting an ongoing investigation. The potentially exposed data includes customer contact information such as names, phone numbers, and email addresses. While PagerDuty’s core services and credentials remain secure, the exposure of this contact information raises the risk of targeted phishing and social engineering attacks against its customers.

In light of this potential exposure, PagerDuty advises all customers to exercise extra vigilance. The company warns, “PagerDuty will never contact anyone by phone to request a password or any other secure details.”

This incident highlights the complex security challenges companies face when integrating third-party applications into their core systems. PagerDuty is committed to treating the matter with the utmost seriousness and continues to monitor the situation closely, providing updates as its investigation progresses. Customers are urged to be cautious of unsolicited communications and to report any suspicious activity.

Categories: Data Breach, Third-Party Vulnerability, Customer Security Awareness 

Tags: PagerDuty, Security Incident, Unauthorized Access, Salesforce, Salesloft Drift, OAuth Integration, Data Breach, Customer Contact Information, Phishing, Third-Party Applications 
