A massive theft of authentication tokens from the AI provider Salesloft occurred even though the company holds dual ISO 27001 certifications covering its operations in both the US and Europe.

The company’s product, Salesloft Drift, is used by major corporations to power various AI applications, including chatbots. According to the security analyst website Krebs Security, the breach was initially understood to affect users of Salesforce, a popular customer relationship management (CRM) platform, but is now known to be much wider in scope:

The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials before hackers can exploit them. Now Google warns the breach goes far beyond access to Salesforce data, noting the hackers responsible also stole valid authentication tokens for hundreds of online services that customers can integrate with Salesloft, including Slack, Google Workspace, Amazon S3, Microsoft Azure, and OpenAI.

It remains unclear exactly how the attackers gained access to all Salesloft Drift authentication tokens. Salesloft announced on August 27 that it hired Mandiant, Google Cloud’s incident response division, to investigate the root cause(s).

At the same time, Salesloft holds ISO 27001 certification for information security management and ISO 27701 certification for privacy information management. For its US operations, the certificates were issued by the certification body Schellman and accredited by ANAB. Salesloft also holds a second set of certificates, likewise issued by Schellman but accredited by the UK accreditation body, UKAS.

As reported previously (here and here), the wording of both the ISO certificates themselves and the marketing materials of bodies like ANAB, UKAS, and Schellman suggests that certification to these standards should prevent such breaches. In reality, certification to any standard does not in any way equal security, but the scheme actors nevertheless market it as such.

On its ISO 27001 page, Salesloft says, “we do more than just follow policies and check boxes: we instill awareness and best practices in our culture so that security and data privacy are ingrained when designing our applications, managing our hosting environments, and conducting daily business operations.”

Meanwhile, the page for ISO 27001 on the Schellman website claims:

ISO 27001 certification will provide your organization with independent corroboration that an ISMS has been implemented, and that policies, controls, and processes are in place to protect data and respond to threats effectively. ISO 27001 certification aids in the improved identification and mitigation of your information security risks, as the process and required lifecycle demand that your organization proactively identifies and addresses potential issues to ensure their objectives are consistently met.

Schellman was at the center of another industry problem as its ISO 42001 client, Anthropic, is being sued for copyright infringement. Multiple plaintiffs claim that Anthropic illegally used their copyrighted works to train the company’s large language models (LLMs) that power AI tools like Claude. On August 26th, Anthropic settled a class action lawsuit alleging it engaged in copyright theft. According to Reuters, the judge in that case stated that “Anthropic might have illegally downloaded as many as seven million books from pirate websites.” Despite this, Anthropic remains certified by Schellman. Audits of ISO 42001 by certification bodies (CBs) like Schellman are supposed to confirm the provenance of LLM data to ensure that copyrighted information is not used.

The ISO 27001 certification scheme has proved largely useless against hacks and breaches, even as companies pay for expensive audits and certifications and then market them as security assurances. Both ANAB and UKAS have instituted policies shielding them from oversight, including blocking stakeholder complaints and allegations of conflicts of interest and fraud. The International Accreditation Forum (IAF), which is supposed to hold ANAB and UKAS accountable under ISO 17011, has instead worked to cover up the problems, giving the scheme the appearance of a massive pay-to-play scam.

Oxebridge has advocated for reform of the scheme to ensure certifications are only issued when companies demonstrate genuine conformity, and that they are withdrawn when scandals emerge proving the company was not in conformance. Both the IAF and ISO have opposed the reforms.

Related ISO 27001 scandals:

  • In 2018, Equifax suffered a highly publicized and massive breach despite holding ISO 27001 certification by EY CertifyPoint. Investigators later found that Equifax’s security hardware was decades old, but it had never been discovered by the third-party auditors.
  • In 2019, the international security firm Prosegur was hacked, while holding ISO 27001 certification by AENOR.
  • In 2021, NASA contractor Digital Management Inc. suffered a ransomware attack while holding ISO 27001 issued by SRI.
  • In 2023, the company Airtable was reported to have been leaking children’s personally identifiable information (PII) while holding an ISO 27001 certification issued by BARR Certifications.
  • In 2023, Okta was breached in a hack that affected “all” its customers, while holding an ISO 27001 certification issued by Schellman.
  • In 2024, Fidelity Investments was hacked while holding ISO 27001 certification issued by NQA.
  • In 2024, AI firm Paradox was breached after it was found using a password of “123456” despite being ISO 27001 certified by A-LIGN.
  • In 2025, the British telecommunications firm Colt had its data sold on the dark web by the hacker group WarLock, despite being ISO 27001 certified by BSI.

Why we report on these topics

Since 2000, Oxebridge has worked to improve ISO and related certification schemes by identifying problems and then proposing solutions. We report on issues affecting standards users because so few other news outlets do. Our belief is that in order to fix the problems in these schemes, we must first understand the nature and breadth of those problems. Our reporting aims to do just that. Elsewhere on the Oxebridge site you will find White Papers and other articles proposing ideas to correct these problems.