AppFolio, a cloud-based real estate software provider, suffered a data breach due to a vulnerability in its third-party vendor, Salesloft, which allowed unauthorized access to its CRM system between August 8–18, 2025. The breach exposed personal information (names and Social Security numbers) of 72,444 U.S. individuals, including residents across multiple states. The incident was detected on August 22, 2025, with investigations confirming the compromise on September 18, 2025. AppFolio disabled Salesloft integrations, notified affected individuals (starting October 6, 2025), and offered 24 months of free credit monitoring and identity theft protection. The breach stemmed from a supply-chain attack in which threat actors exploited a flaw in Salesloft’s system to exfiltrate sensitive customer data from AppFolio’s hosted environment. Regulatory disclosures were made to state authorities, including the offices of the Attorneys General in Maine, Massachusetts, Oregon, Texas, Montana, and New Hampshire.
Source: https://www.claimdepot.com/data-breach/appfolio-2025
TPRM report: https://www.rankiteo.com/company/appfolio
"id": "app2202622100825",
"linkid": "appfolio",
"type": "Breach",
"date": "8/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 72444,
'industry': 'real estate software (SaaS)',
'location': 'United States',
'name': 'AppFolio, Inc.',
'type': 'public company'},
{'industry': 'sales enablement software',
'name': 'Salesloft',
'type': 'vendor'}],
'attack_vector': 'vulnerability in Salesloft (third-party vendor)',
'customer_advisories': ['notification letters mailed to affected individuals '
'(Oct. 6, 2025)'],
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': 72444,
'personally_identifiable_information': ['names',
'Social Security '
'numbers'],
'sensitivity_of_data': 'high (includes Social Security '
'numbers)',
'type_of_data_compromised': ['personally identifiable '
'information (PII)']},
'date_detected': '2025-08-22',
'date_publicly_disclosed': '2025-10-06',
'description': 'AppFolio, Inc., a cloud-based business software provider for '
'the real estate industry, experienced a data breach due to '
'unauthorized access to its CRM system through a vulnerability '
'in its vendor, Salesloft. The breach exposed personal '
'information, including names and Social Security numbers, of '
'72,444 individuals across multiple U.S. states. The incident '
'was detected on Aug. 22, 2025, with the breach occurring '
'between Aug. 8 and Aug. 18, 2025. AppFolio disabled Salesloft '
'integrations, notified affected individuals, and offered 24 '
'months of free credit monitoring and identity theft '
'protection services.',
'impact': {'brand_reputation_impact': 'potential reputational damage due to '
'exposure of PII',
'data_compromised': ['names', 'Social Security numbers'],
'identity_theft_risk': 'high (SSNs exposed)',
'legal_liabilities': 'notifications to state Attorney Generals '
'(Maine, Massachusetts, Oregon, Texas, '
'Montana, New Hampshire)',
'operational_impact': 'disabled Salesloft integrations',
'systems_affected': ['CRM system (hosted by AppFolio)']},
'initial_access_broker': {'entry_point': 'vulnerability in Salesloft '
'(third-party vendor)',
'high_value_targets': ['CRM system containing PII']},
'investigation_status': 'completed (as of Sept. 18, 2025)',
'post_incident_analysis': {'corrective_actions': ['disabled Salesloft '
'integrations',
'offered credit monitoring '
'to affected individuals'],
'root_causes': ['third-party vendor (Salesloft) '
'vulnerability leading to '
'unauthorized CRM access']},
'recommendations': ['Sign up for free credit monitoring and identity theft '
'protection services offered by AppFolio.',
'Monitor credit reports and financial accounts for '
'unusual activity.',
'Be alert for phishing attempts using exposed '
'information.',
'Consider placing a fraud alert or credit freeze with '
'major credit bureaus.'],
'references': [{'source': 'AppFolio Official Website',
'url': 'https://www.appfolio.com'}],
'regulatory_compliance': {'regulatory_notifications': ['state Attorney '
'Generals (Maine, '
'Massachusetts, '
'Oregon, Texas, '
'Montana, New '
'Hampshire)']},
'response': {'communication_strategy': ['mailed notification letters to '
'affected individuals (starting Oct. '
'6, 2025)',
'disclosed to state Attorney '
'Generals'],
'containment_measures': ['disabled Salesloft integrations'],
'incident_response_plan_activated': True,
'recovery_measures': ['offered 24 months of free TransUnion '
'Cyberscout credit monitoring and identity '
'theft protection']},
'threat_actor': 'unauthorized actor (unknown)',
'title': 'AppFolio Data Breach via Salesloft Vendor Vulnerability (2025)',
'type': ['data breach',
'third-party vendor compromise',
'unauthorized access']}