Faulty production script gave users access to all their company’s Salesforce data
Salesforce is going through one of its biggest outages ever after the company was forced to shut down large chunks of its infrastructure earlier today.
At the heart of the outage was a change the company made to its production environment that broke access permission settings across organizations and gave employees access to all of their company’s files.
According to reports on Reddit, users didn’t just get read access, but they also received write permissions, making it easy for malicious employees to steal or tamper with a company’s data.
In a status update, the company blamed the issue on “a database script deployment that inadvertently gave users broader data access than intended.”
Salesforce customers in Europe and North America were the most impacted by the company shutting down access to its own service.
Salesforce said the script only impacted customers of Salesforce Pardot — a business-to-business (B2B) marketing-focused CRM.
However, out of an abundance of caution, the company decided to take down all other Salesforce services, for both current and former Pardot customers.
“As a result, customers who were not affected may have also experienced service disruption, including customers using Marketing Cloud integrations,” Salesforce said.
The issue caused quite a ruckus on social media, where the company has been ridiculed all day. Some users reported being sent home from their jobs due to the prolonged Salesforce outage.
Salesforce said it was slowly unblocking access for companies that were not impacted by the database script directly.
“In parallel, we are working to restore the original permissions as quickly as possible for customers that were affected by the permissions change,” Salesforce said.
Code Execution Vulnerability Identified in Change Healthcare Cardiology DevicesA vulnerability has been identified in Change Healthcare Cardiology, McKesson Cardiology, and Horizon Cardiology devices. The vulnerability could be exploited by a locally authenticated...
29% of Small Businesses Spend Less Than $1,000 on IT Security Annually and Why They Are The Most Targeted
29% of Small Businesses Spend Less Than $1,000 on IT Security Annually and Why They Are The Most TargetedThe digital and network footprint of small businesses is continually growing. Online commerce, social media, remote workers, and cloud-based IT infrastructure are...
What Other Companies Can Learn from Facebook’s $5 Billion Fine and Why Privacy MattersWhile Facebook’s $5 billion settlement stands as the largest fine in the history of the Federal Trade Commission (FTC), one must take into consideration that not every company is...
Stay Up to Date With The Latest News & Updates
Join Our Newsletter
Get weekly tech updates and immediate alerts when there is a zero-day or security issue!