At Handshake, we're committed to delivering industry-leading privacy and security infrastructure with transparency. We ensure the information we receive is handled with care and complies with all applicable standards, laws and regulations globally.
Handshake’s commitment to protecting data privacy goes beyond basic compliance; we continuously evaluate and refine our processes and policies to lead the industry in responsible data stewardship, continuous employer screening, and full student control.
Salesforce Drift Incident Impact Communication Aug 2025
Update on the Salesforce–Drift Security Incident
We wanted to share a brief update regarding the Salesforce–Drift security incident.
Salesforce shared that a known threat actor, ShinyHunters, has claimed on a public Telegram channel that they intend to post data allegedly obtained from this incident. Salesforce confirmed that this issue did not stem from a vulnerability in the core Salesforce platform, and they are actively investigating in coordination with law enforcement.
There is no new evidence that any additional Handshake systems or customer data were impacted. We are continuing to monitor the situation closely and will share further updates if new information becomes available.
Handshake Security and Privacy Team
Handshake Security Update: Salesforce Drift Incident
Protecting customer data and maintaining transparency are at the core of Handshake’s mission. We are committed to keeping customers informed about security developments that may affect their organization and want to share a detailed update regarding the recent Salesforce Drift incident.
What Happened?
On Wednesday, August 27, Handshake learned of a compromise involving a third-party application, Salesloft’s Drift, which resulted in unauthorized access and exfiltration of data stored in our Salesforce environment. Once notified, Handshake took immediate action to secure the environment, disconnecting the application from its Salesforce instance and launching a comprehensive investigation with our internal security team.
The impact of this event is confined to our Salesforce environment and did not implicate Handshake’s core products, services, systems, or infrastructure.
What Information May Be Affected?
Our investigation determined that the exposed data is limited to business contact information and specific Salesforce-related content, which includes:
- Customer (company) name
- Business address and contracting information
- The name, job title, business phone number, and company email address of the customer representative
What Did Handshake Do?
Handshake took immediate steps to secure our environment and mitigate risks:
- Disconnected and revoked Salesloft Drift’s access to Handshake’s Salesforce instance. Out of an abundance of caution, we also disconnected all integrations of Drift with other applications, such as Handshake’s core product, marketing portal, and other internal sales applications.
- Rotated relevant API access tokens to prevent further access.
- Initiated a full investigation into the scope and impact of the breach, working closely with Salesforce and external experts.
- Prioritized additional safeguards and protocol enhancements to prevent similar incidents in the future.
- Activated continuous monitoring for any potential exposure or misuse of exfiltrated data tied to the incident.
Handshake will continue to provide updates should any new developments arise.
What You Can Do
We recommend the following actions to ensure your security:
- Exercise caution with unsolicited emails, phone calls, or requests for sensitive information. Always verify the source and do not disclose passwords or payment information through unverified channels.
- All communications from Handshake will come from trusted, official channels. Our email outreach will always come from @joinhandshake.com. Handshake Support will never ask for authentication or authorization details via unsolicited outreach, phone, or SMS.
- Report any suspicious activity to security@joinhandshake.com.
Need Assistance or Have Questions?
Handshake’s Customer Success and Support teams are available to assist you through all regular support channels. You may also contact the Handshake Security team directly at security@joinhandshake.com.
Your trust is paramount to us. Thank you for your continued partnership with Handshake.
PCI DSS v4.0.1 Attestation of Compliance Now Available
Handshake has successfully completed its PCI DSS v4.0.1 assessment as a Service Provider, using the Self-Assessment Questionnaire D (SAQ-D). The assessment and resulting Attestation of Compliance (AOC) were completed by a Qualified Security Assessor (QSA) from our independent auditor.
As part of our commitment to transparency and security, we’ve made both the AOC and our PCI Responsibility Matrix available for download to our customers through our Trust Portal. These documents outline our compliance status and clarify the shared responsibilities between Handshake and our customers when handling cardholder data.
Thank you for your continued trust and support.
The Handshake Security Team.
Handshake 2024-2025 SOC2, Type II
We are pleased to inform our customers that we have successfully issued our SOC 2 report for Handshake Education and Handshake Basic, Plus, Talent Engagement Suite and Talent Essentials system. The report was designed and implemented throughout the period March 1, 2024 to February 28, 2025, in accordance with the description criteria. This achievement underscores our ongoing commitment to maintaining the highest standards of data security and privacy. For more details, please visit our Trust Portal.
Thank you for your continued trust and support.
The Handshake Security Team.
Handshake Latest Penetration Test Results
Dear Valued Customer,
We are pleased to announce the results of our latest penetration test, conducted in the second quarter of 2025. The assessment aimed to identify potential vulnerabilities and ensure the security of our systems. A letter of attestation can be downloaded from our trust portal.
Key Findings
- No Critical or High Findings: The penetration test revealed no critical or high-risk vulnerabilities that remain unaddressed.
Commitment to Security
At Handshake, we prioritize the security of our systems and data. Regular penetration testing is a key component of our proactive security strategy. We continually monitor and enhance our security practices to protect against emerging threats.
Thank you for your trust in us!
Best regards,
Handshake Security Team.
PCI Compliance Update!
Successful Completion of PCI Audit and Availability of AOC.
Dear Valued Customer,
We are excited to inform you that we have successfully completed our PCI audit and have received our Attestation of Compliance (AOC) from our Qualified Security Assessor (QSA). This achievement demonstrates our commitment to maintaining the highest standards of security and compliance. To provide you with the utmost transparency and assurance, we have made the AOC available on our customer trust portal. Alongside the AOC, you will also find our responsibility matrix, which outlines the roles and responsibilities regarding our compliance efforts.
We understand the importance of security and compliance in your business operations, and we are dedicated to continuously improving our processes to meet your needs. Should you have any questions or require further information, please do not hesitate to reach out.
Thank you for your trust and partnership.
Best regards,
Handshake Security Team.







