New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research

Search

Salesforce Struggling Due to Faulty Database

A production environment change led to access permission settings being left wide open allowing employees to view and make changes to company files. Users accounts on Reddit reported not only was read access granted but employees also had write permissions as well. As the issue was looked into further, it was determined that “a database script deployment that inadvertently gave users broader data access than intended,” read the status update. Although the script only seemed to have affected Salesforce Pardot users, all Salesforce services were taken offline which affected a reported near 3,300 customers in North America and Europe. Many users have taken to social media platforms to express their distress and many of them have claimed they have been sent home from work because of the outage. Salesforces CTO, Parker Harris also posted on Twitter apologizing for the situation, his tweet read “To all of our @salesforce customers, please be aware that we are experiencing a major issue with our service and apologize for the impact it is having on you. Please know that we have all hands on this issue and are resolving as quickly as possible.” Permissions are slowly being restored with automated provisioning, but some customers may experience difficulties.

Analyst Notes

Users who were directly affected by this instance will want to continue to be on the lookout for further updates from Salesforce. When the service is back online users will want to monitor their platform for suspicious activity since it could have possibly been compromised.