AppFolio, Inc.

AppFolio, Inc. experienced a significant data breach originating from a security incident at Salesloft, one of its third-party vendors. The breach, discovered on August 22, 2025, involved cybercriminals infiltrating Salesloft’s inadequately secured network, thereby gaining unauthorized access to AppFolio’s files. The forensic investigation confirmed that sensitive personal information of tens of thousands of individuals was compromised, including names and Social Security numbers (SSNs).The exposed data poses severe risks, as cybercriminals may exploit it for identity theft, dark web sales, or financial fraud. The breach has prompted legal action, with Murphy Law Firm investigating a potential class action lawsuit on behalf of affected individuals to recover damages. The incident underscores critical vulnerabilities in AppFolio’s vendor security protocols, leading to large-scale exposure of highly sensitive personal data with long-term repercussions for victims.

Source: https://www.globenewswire.com/news-release/2025/10/08/3163813/0/en/AppFolio-Data-Breach-Exposes-Personal-Information-Murphy-Law-Firm-Investigates-Legal-Claims.html

TPRM report: https://www.rankiteo.com/company/appfolio

"id": "app2702127100925",
"linkid": "appfolio",
"type": "Breach",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'Tens of thousands of '
                                              'individuals',
                        'industry': 'Property Management & Legal Tech Software',
                        'name': 'AppFolio, Inc.',
                        'type': 'Public Company (SaaS Provider)'},
                       {'industry': 'Sales Enablement Software',
                        'name': 'Salesloft',
                        'type': 'Third-Party Vendor'}],
 'attack_vector': 'Third-Party Vendor Exploitation (Salesloft)',
 'customer_advisories': 'Notifications sent to affected individuals (implied '
                        "by 'received notice')",
 'data_breach': {'data_exfiltration': 'Likely (files accessed and/or acquired)',
                 'number_of_records_exposed': 'Tens of thousands',
                 'personally_identifiable_information': ['Names',
                                                         'Social Security '
                                                         'numbers'],
                 'sensitivity_of_data': 'High (includes Social Security '
                                        'numbers)',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)']},
 'date_detected': '2025-08-22',
 'date_publicly_disclosed': '2025-10-08',
 'description': 'On or around August 22, 2025, AppFolio, Inc. became aware of '
                'a security incident affecting Salesloft, one of its vendors. '
                "Cybercriminals infiltrated Salesloft's inadequately secured "
                'network and gained access to AppFolio’s files, exposing '
                'sensitive personal information of tens of thousands of '
                'individuals, including names and Social Security numbers. The '
                'compromised data may be sold on the dark web or used for '
                'identity theft. Murphy Law Firm is investigating claims for a '
                'potential class action lawsuit on behalf of affected '
                'individuals.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
                                       'exposure of sensitive personal data',
            'data_compromised': ['Names', 'Social Security numbers'],
            'identity_theft_risk': 'High (Social Security numbers exposed)',
            'legal_liabilities': 'Class action lawsuit investigation initiated '
                                 'by Murphy Law Firm',
            'systems_affected': ['Salesloft (vendor network)',
                                 'AppFolio files accessed via Salesloft']},
 'initial_access_broker': {'data_sold_on_dark_web': 'Potential (risk '
                                                    'highlighted in '
                                                    'description)',
                           'entry_point': "Salesloft's inadequately secured "
                                          'network',
                           'high_value_targets': 'AppFolio files containing '
                                                 'PII'},
 'investigation_status': 'Ongoing (forensic investigation completed; legal '
                         'investigation active)',
 'motivation': 'Data Theft / Financial Gain (potential sale on dark web or '
               'identity theft)',
 'post_incident_analysis': {'root_causes': 'Inadequate security measures at '
                                           'third-party vendor (Salesloft)'},
 'references': [{'date_accessed': '2025-10-08',
                 'source': 'Globe Newswire Press Release'},
                {'date_accessed': '2025-10-08',
                 'source': 'Murphy Law Firm Investigation Page',
                 'url': 'HERE (placeholder - exact URL not provided)'}],
 'regulatory_compliance': {'legal_actions': 'Potential class action lawsuit '
                                            '(under investigation by Murphy '
                                            'Law Firm)'},
 'response': {'communication_strategy': 'Public disclosure via Globe Newswire; '
                                        'customer notifications implied '
                                        "(reference to 'received notice')",
              'incident_response_plan_activated': 'Yes (forensic investigation '
                                                  'conducted)'},
 'threat_actor': 'Cybercriminals (unspecified)',
 'title': 'AppFolio Data Breach via Salesloft Third-Party Vendor',
 'type': 'Data Breach (Third-Party Vendor Compromise)',
 'vulnerability_exploited': 'Inadequately secured network (Salesloft)'}