A supply-chain breach originated from Salesloft's GitHub account, leading to the theft of Drift OAuth tokens and subsequent widespread Salesforce data theft attacks targeting customer credentials, with attackers gaining initial access to GitHub and downloading code, adding guest accounts, and creating rogue workflows. The breach has been contained, with credentials rotated and Salesforce integration restored.