Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon

Salesforce suffers major outage providing data access irrespective of the permission settings

Save for later
  • 3 min read
  • 20 May 2019

article-image

Salesforce informed its customers that it was facing a major issue with its service, early Friday morning, and mentioned that it was working towards resolving the issue soon. The popular cloud-based software company experienced an outage due to its faulty database script after the company made changes to its production environment. Due to this, users got access to a broad amount of data than intended where they could see all the company’s data irrespective of the permissions.

Salesforce said that the outage, which began on Friday and lasted just over 15 hours, is over - although some may experience a few issues as the platform gets back up to speed.

Salesforce’s chief technology officer and a co-founder, Parker Harris, acknowledged the issue at 12:40 p.m. Eastern time the same day, and tweeted that Salesforce employees were working on the problem.

https://twitter.com/parkerharris/status/1129426438325587969

According to reports on Reddit, users not only received read access but also received write permissions, thus, making it easy for malicious employees to steal or tamper with a company's data.

Salesforce said the script only impacted customers of Salesforce Pardot or have used Pardot in the past. According to The Register, “To deal with the mess, Salesforce's IT team has denied all access to more than 100 cloud instances that host Pardot users, shutting out everyone else using those same systems, whether or not they were using Pardot.” Customers who were not affected may have also experienced certain service disruptions including customers using Marketing Cloud integrations.

https://twitter.com/sfdcmitch/status/1129403764513787905

Salesforce customers in Europe and North America were the most impacted by the company shutting down access to its own service. Salesforce said, “We have started unblocking customers who were not affected by the permission issues.”

https://twitter.com/sfdcmitch/status/1129403764513787905

https://twitter.com/RealSalesAdvice/status/1129421822007566336

On the 18th, at 5.40 a.m. Eastern time, Salesforce, on its status page, announced that access had been restored for administrators of all organizations that had been affected by the permission issues. “We are preparing a set of instructions for admins that may need guidance on how to manually restore those permissions. As soon as the instructions are final, we will inform admins via an email that will contain a link to the instructions,” the company said.

The company further updated:

“We have restored administrators' access to all affected orgs as of 08:04 UTC. We have prepared a set of instructions for admins that may need guidance on how to manually restore those user permissions. We notified admins via an email that contained a link to the instructions.

A subset of admins may still be experiencing issues such as logging in to their orgs, modifying perms that are uneditable, or timeouts.”

To know more about this in detail, visit Salesforce’s status page.

DockerHub database breach exposes 190K customer data including tokens for GitHub and Bitbucket repositories

Facebook confessed another data breach; says it “unintentionally uploaded” 1.5 million email contacts without consent

Unlock access to the largest independent learning library in Tech for FREE!
Get unlimited access to 7500+ expert-authored eBooks and video courses covering every tech area you can think of.
Renews at £16.99/month. Cancel anytime

Justice Department’s indictment report claims Chinese hackers breached business  and government network