Salesforce Cuts Off Gainsight App Access After Detecting Data Exposure Risk—Mandiant Launches Investigation
On Thursday, Salesforce (NYSE:CRM) halted access to several Gainsight-published applications after detecting suspicious activity that may have allowed unauthorized access to customer data, prompting a deeper investigation led by cybersecurity firm Mandiant.
Salesforce Revokes Tokens, Removes Apps
In a statement, Salesforce said it observed "unusual" behavior tied to Gainsight applications that connect to its platform and warned customers that the activity may have enabled outside access to certain data.
The company stressed that the issue stemmed from the apps' external connections rather than any flaw in Salesforce's systems.
"Upon detecting the activity, Salesforce revoked all active access and refresh tokens associated with Gainsight-published applications connected to Salesforce and temporarily removed those applications from the AppExchange while our investigation continues," Salesforce said in a statement.
The company added that its review shows no evidence of any vulnerability in the Salesforce platform.
Gainsight Engages Mandiant
Gainsight also said on its website that it is working closely with Salesforce and has brought in Mandiant to lead a "comprehensive, independent forensic investigation."
"Our current findings indicate that the activity under investigation originated from the applications' external connection — not from any issue or vulnerability within the Salesforce platform," the company said.
Part Of A Growing Trend In Third-Party App Risks
The incident follows warnings about attacks targeting third-party tools connected to major enterprise platforms, including separate cases involving Oracle Corp (NYSE:ORCL) and Salesforce customer environments.
Jaime Blasco, cofounder of Nudge Security, took to LinkedIn and noted that this reflects a growing trend in which attackers bypass core platforms by targeting integrated tools that already hold privileged access.
Disclaimer: This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors.


