Third-Party Security Incident Impacting Salesforce Integration via Drift

Update timeline

1. resolved Sep 03, 2025, 01:06 PM UTC

   We have been informed of a security incident involving Drift, a third-party application previously integrated with our Salesforce environment as part of Cloudinary’s support processes. This incident is part of a broader issue affecting multiple organizations that use these services. Immediately upon learning of the situation, we disabled all connections between Cloudinary’s systems and Drift. We are actively working with Salesforce, Drift, and other relevant parties to support the ongoing investigation and to ensure the continued security of our data and systems. At this time, our review indicates that no data stored within Cloudinary’s products or core systems has been affected. The information involved appears limited to standard business contact details and certain support communications managed through Salesforce. Customers impacted by this incident have been notified directly with guidance and recommended next steps. As always, we encourage all customers to remain vigilant for any phishing or social engineering attempts that could result from incidents of this nature.