Dynatrace Confirms Data Breach: Hackers Accessed Customer Data From Salesforce

Cybersecurity

On August 2025, Dynatrace was affected by a third-party data breach related to the Salesloft Drift application, leading to unauthorized access to customer business contact information in its Salesforce CRM.

Dynatrace confirmed the breach did not impact its core products, services, or sensitive customer environments.

Incident Details

The breach involved the compromise of Salesloft’s Drift application, which allowed unauthorized access to Salesforce environments of companies using this tool.

Salesloft and Salesforce took action to disable compromised connections and notified affected clients, including Dynatrace.

Dynatrace’s Response and Investigation

Upon notification, Dynatrace disabled the Drift application within its environment to prevent further unauthorized access and initiated a comprehensive investigation with third-party cybersecurity experts.

The investigation confirmed the breach was confined to the Salesforce CRM instance used for customer relationship management and marketing activities. No Dynatrace products, services, or systems housing customer data were compromised.

Dynatrace clarified that it does not use Salesforce’s “case function,” ensuring no customer support case information was accessed. The breach only exposed business contact information, including names and company identifiers, with no sensitive credentials or financial data accessed.

Salesloft re-enabled secure connections on Thu, Sep 7, 2025, following investigation and remediation.

Advisory to Customers

Dynatrace advises customers to be cautious of social engineering and phishing attempts. The company stated it will not request passwords, multi-factor authentication codes, or sensitive credentials via phone or email. Customers should verify communications originate from trusted Dynatrace domains.