Dynatrace Data Breach Exposes Customer Information Stored in Salesforce

Dynatrace has confirmed that customer data stored in Salesforce was exposed following a third-party breach involving Salesloft’s Drift application.

The incident, which occurred in August 2025, allowed unauthorized access to Salesforce CRM data across multiple companies.

Both Salesloft and Salesforce responded by disabling the compromised integrations and notifying affected customers.

Incident Overview

The breach stemmed from a cyberattack targeting Drift, a communication and sales engagement application provided by Salesloft.

Attackers were able to exploit connections between Drift and Salesforce, giving them partial access to CRM data.

While the scope of the incident varied by organization, Dynatrace confirmed that some of its customer-related data was involved.

According to the company, the incident was limited strictly to Salesforce systems used for business operations.

No Dynatrace products, services, or systems containing sensitive customer usage data were impacted. Operations across Dynatrace’s platform—including monitoring and observability services—remained uninterrupted throughout the investigation.

The company also emphasized that because it does not use Salesforce’s case management function, no customer support cases or related details were compromised, reducing the potential impact.

Instead, the data at risk was confined to basic business contact details such as names of customer representatives and company identifiers.

After being informed of suspicious activity linked to Drift, Dynatrace took immediate action to safeguard its systems.

The company disabled the Drift integration within its Salesforce environment and launched an internal investigation in cooperation with external cybersecurity experts. Salesloft and Salesforce later confirmed that secure connections were restored as of September 7, 2025.

Dynatrace stressed that protecting customer trust remains a priority. The security team continues to monitor for any suspicious activity that could be connected to the incident.

Importantly, no evidence has been found to suggest that other environments or Dynatrace’s operational systems were exposed.

While the breach appears to involve only business contact information, Dynatrace is urging customers to take preventive precautions.

Specifically, individuals are advised to remain cautious of phishing or social engineering attempts that might leverage contact details obtained in the incident.

To reduce risk, Dynatrace recommended the following actions:

• Remain alert to phone calls or emails requesting login credentials, authentication codes, or sensitive details. Dynatrace will never ask for such information.
• Verify that communications and links originate from official Dynatrace domains.
• When in doubt, customers should navigate directly to the company’s official website or reach out through regular support channels.

The company reaffirmed its commitment by stating that safeguarding customer data and privacy remains a cornerstone of its operations despite this third-party compromise.

Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates.