Breach Notes

Vulnetix
Cloud [SC] Supply Chain

Elasticsearch B.V. Third-Party Breach (September 2025)

2025-09-01 [vendor] Drift (Salesloft)
Primary Source ↗

Incident Details

In 2025, Elasticsearch B.V. experienced a data security incident via a third-party vendor relationship. The compromised third-party vendor was Drift (Salesloft). Source reporting: https://www.elastic.co/blog/elastic-update-salesloft-drift-security-incident

Technical Details

Initial Attack Vector
Compromise of third-party service provider / vendor relationship
Vendor / Product
Drift (Salesloft)
Supply Chain Attack
✅ Confirmed third-party / vendor compromise

Timeline

  1. 2025-09-01 Breach occurred
  2. 2025-09-01 Publicly disclosed