A breach connected to the Drift AI chatbot operated by Atlanta-based Salesloft exposed data from more than 700 companies, making it one of the most far-reaching AI-linked security incidents of 2025. The compromise, disclosed in August 2025, affected customer conversation data and contact information across a wide set of organizations that relied on the chatbot for sales engagement.
The list of affected companies included major security vendors. Palo Alto Networks, Cloudflare, and Zscaler were among those reporting that customer conversation data and contact details had been stolen through the chatbot integration. The involvement of leading cybersecurity firms drew particular attention, since it showed that even security-focused organizations were exposed through a third-party AI tool connected to their systems.
Salesloft, headquartered in Atlanta in Fulton County, is a sales engagement platform that acquired the Drift conversational marketing technology. The breach illustrated how an AI chatbot embedded across many customer environments can become a single point of failure, allowing attackers to reach data held by hundreds of downstream organizations through one compromised integration.
The incident reinforced concerns about the security of AI tools that connect deeply into corporate sales and marketing stacks. Because such chatbots often hold conversation histories and contact records spanning many clients, a compromise can cascade quickly. Security teams across the affected companies moved to assess exposure, rotate credentials, and review the access granted to third-party AI integrations following the disclosure.
Source: Trend Micro -- https://www.trendmicro.com/en_us/research/25/i/ai-app-breach.html