Salesforce clients have seen a significant increase in targeted attacks this year, with several high-profile organizations affected. IBM® X-Force®, an IBM elite team of hackers, incident responders and threat intelligence analysts has been tracking these events. The expert analysis by the X-Force Threat Intelligence team integrates telemetry from IBM security operations, research, incident response investigations, commercial data and open sources. This analysis provides insight to help understand these attacks and their impact.

While these incidents underscore the evolving sophistication of threat actors, it’s crucial to understand that the platform Salesforce itself has not been breached. Instead, attackers are targeting vulnerabilities in the broader ecosystem, primarily through human manipulation and trusted integrations.

This trend highlights a critical truth: the most vulnerable aspect of any system is often not the technology itself, but the people and processes surrounding it. It also emphasizes the importance of the shared security responsibility model between Salesforce and its users.