Supply chain
[SC] Supply Chain
Workiva Third-Party Breach (September 2025)
Primary Source ↗Incident Details
In 2025, Workiva experienced a data security incident via a third-party vendor relationship. The compromised
third-party vendor was Drift (Salesloft). Source reporting:
https://www.bleepingcomputer.com/news/security/saas-giant-workiva-discloses-data-breach-after-salesforce-attack/
Technical Details
- Initial Attack Vector
- Compromise of third-party service provider / vendor relationship
- Vendor / Product
- Drift (Salesloft)
- Supply Chain Attack
- ✅ Confirmed third-party / vendor compromise
Timeline
- 2025-09-01 Breach occurred
- 2025-09-01 Publicly disclosed