Salesforce has flagged unusual activity involving applications associated with Gainsight and said the activity may have allowed unauthorized access to certain customers’ Salesforce data. Following an internal investigation, Salesforce revoked all active access and refresh tokens linked to Gainsight’s applications, and these applications have been temporarily removed from the AppExchange.
The number of customers affected by the breach has not been disclosed, but Salesforce stated that notifications were sent out to those impacted. The company emphasized that the issue does not stem from vulnerabilities within the Salesforce platform itself; rather, it seems to derive from external connections established by the Gainsight app.
In a proactive move, Gainsight has also pulled its application from the HubSpot Marketplace, stating that this precaution might affect OAuth access during the review process, although no suspicious activity related to HubSpot has been detected.
Austin Larsen, a principal threat analyst at Google Threat Intelligence Group, characterized the event as part of an "emerging campaign" targeting Gainsight’s applications. This campaign appears linked to the ShinyHunters group, which conducted similar attacks on platforms such as Salesloft earlier in the year.
In these recent activities, attackers reportedly gained access to business contact information, including names and email addresses, leveraging OAuth tokens associated with trusted third-party SaaS integrations. Organizations are being urged to closely review their integrations with Salesforce, revoke tokens from unused or suspicious applications, and rotate credentials if any anomalies are detected.