Toast incident

Toast's Security Update Regarding the Salesloft Drift Incident

Notice Resolved View vendor source →

Toast experienced a notice incident on September 18, 2025, lasting 26s. The incident has been resolved; the full update timeline is below.

Started
Sep 18, 2025, 09:05 PM UTC
Resolved
Sep 18, 2025, 09:05 PM UTC
Duration
26s
Detected by Pingoru
Sep 18, 2025, 09:05 PM UTC

Update timeline

  1. monitoring Sep 18, 2025, 09:05 PM UTC

    Toast recently was made aware of a widespread security incident targeting Salesloft’s Drift application, which provides chat support functionality on Toast’s website and connects to Salesforce, Toast’s CRM system. We immediately disabled Drift upon learning of the incident, and validated it did not affect our core Toast product offerings (such as our POS system). Our investigation indicates that an actor used credentials stolen from Salesloft to access a small subset of information from Toast’s Salesforce instance, and were potentially able to access some business contact information, support case content, as well as Salesforce logs and configuration data. Learn more about this incident → https://updates.toasttab.com/announcements/toast-s-security-update-regarding-the-salesloft-drift-incident

  2. resolved Sep 18, 2025, 09:05 PM UTC

    This incident has been resolved.