Sigma integrates with your cloud database, querying your data warehouse securely and displaying results in your browser. It provides a single access point, enabling robust data governance and restricting sensitive information access with team-based permissions. Built with security features like immutable hosts and threat detection, Sigma ensures comprehensive data protection. Access our Trust Center for the latest security reports, including ISO certifications and SOC 2.
Rahul Gupta: VP, Cyber Security & Risk
Supriya Muthal: Security GRC Manager
Salesloft Drift Supply Chain Incident: Key Details and Sigma’s Response
🚨Important: This incident DID NOT impact the Sigma platform, products, services, infrastructure or any data in customers’ cloud data warehouses (CDWs).
At Sigma, we take the protection of our customers' data very seriously and are committed to maintaining full transparency. We are providing this update regarding a recent security incident involving our third-party vendor, Salesloft, and their Drift application.
What Happened
Last week, Sigma was made aware of a campaign targeted at Salesloft Drift (marketing software-as-a-service) and impacting a large number of Salesforce customers. This incident involved the theft of OAuth tokens from Salesloft Drift, a third-party application used to automate sales workflows and integrate with Salesforce to manage leads and contact information.
The scope of this incident was isolated to the Salesforce instance, and there has been no impact or compromise of any Sigma product, service, or underlying infrastructure.
As part of this campaign, we now understand that unauthorized actors gained access to Salesloft Drift credentials of its customers, including Sigma. A detailed review as part of Sigma’s ongoing investigation determined these credentials allowed limited access to some information in Salesforce, which Sigma uses to house business and sales related information about current and prospective customers.
Scope of Impact
Our immediate and ongoing investigation has determined that the accessed data was limited to business contact information and details from our Salesforce records. This includes:
- Business email addresses
- Some business phone numbers
- Business addresses
- Names
Based on our extensive investigation to date, Sigma has found no evidence of misuse of this information.
Our Actions and Ongoing Response
Upon learning of the incident, our security team immediately launched a comprehensive response:
- Disconnected all Drift integrations from our systems and Salesforce platform.
- Out of an abundance of caution, reset all user tokens and sessions.
- Revoked and rotated credentials for all affected app-to-app integrations on Salesforce.
- Launched a detailed investigation into the scope of the event, working closely with Salesforce to assess and understand impacts as they continue investigating.
- Immediately launched a third-party risk management investigation for third-party vendors used by Sigma.
- We have directly notified a small number of customers whose business contact information (stated above) may have been exposed.
Recommendations for Our Customers
The scope of the incident remains limited (as noted above), and no evidence of misuse has been identified. While we believe the risk is minimal, we encourage customers to remain vigilant, particularly against potential phishing or social engineering attempts that could leverage exposed contact details. Sigma will never ask for sensitive information, such as passwords or financial details, through unsolicited communications.
For any questions, please contact your account representative team. You can also reach out to our security team at security@sigmacomputing.com.
FAQs
- Did the Salesloft incident have any impact on the Sigma platform or the services it provides to customers?
  No. The Sigma platform, its services, and infrastructure were not impacted. Customer environments, including their cloud data warehouses, also remain unaffected.
- Was any sensitive customer data affected?
  No. Based on the services Sigma provides to our customers, we can confirm that no sensitive data within customers' cloud data warehouses was affected.
- What does Sigma use Salesforce for?
  Sigma uses Salesforce for CRM only. We do not use it for any other purposes like customer service or support.
- What was the scope of the Salesloft incident for Sigma?
  The issue was isolated to Sigma’s internal Salesforce CRM instance. It involved only a very limited set of business contact details, specifically email addresses, phone numbers, and, in some cases, business addresses.
- Was any customer data stored in Salesforce impacted?
  No customer warehouse data or Sigma platform data resides in Salesforce. The affected information was limited to business contact details in Sigma’s internal CRM.
Sigma Computing Not Impacted by MOVEit Vulnerability
We have recently been made aware of a significant MOVEit vulnerability that has garnered attention in the security community. Reports from reputable threat intelligence sources indicate that customers of this solution may be affected. You can find more information about this incident here: link to Security Week article.
We want to assure our valued customers that Sigma Computing is not susceptible to this vulnerability. Our product does not rely on or incorporate this technology/software, which means that the confidentiality, integrity, and availability of our systems remain uncompromised. Moreover, we have taken additional measures to ensure and validate that none of Sigma's critical sub-processors are affected by this vulnerability.



