Supply Chain Email Breach Hits Marketing Giants

A notable supply-chain email breach impacted marketing giants through the compromise of OAuth tokens associated with Salesloft’s Drift platform. This breach propagated through integrations such as Salesforce, affecting hundreds of companies, including high-profile security enterprises like Cloudflare, Zscaler, Palo Alto Networks, SpyCloud, and Tanium.
Attackers exploited the interconnected nature of modern SaaS ecosystems, leveraging downstream trust to access sensitive credentials such as AWS and Snowflake keys as well as customer contact and configuration data. The incident underscored the perils of assuming vendor security remains robust indefinitely.
Simultaneously, retail and consumer-facing brands were also hit. Marks & Spencer (M&S) fell victim to a ransomware attack over the Easter weekend in April 2025, orchestrated by the “Scattered Spider” group (a Lapsus$ offshoot). Luxury and retail brands also faced data compromise. Cartier and The North Face disclosed limited data breaches in April 2025.