Gainsight

Gainsight, a customer management software firm, experienced a security breach that compromised a limited number of its clients' data. The incident was confirmed by CEO Chuck Ganapathi and involved the exposure of Salesforce customer tokens, which are critical for authentication and access control within Salesforce ecosystems. While the breach did not result in a large-scale data leak, the compromise of these tokens poses risks such as unauthorized access to customer accounts, potential phishing attacks, or further exploitation of linked systems. The breach highlights vulnerabilities in third-party integrations, particularly those tied to major platforms like Salesforce. Although the impact was contained to a subset of clients, the exposure of authentication tokens could lead to reputational damage for Gainsight, erosion of customer trust, and potential financial repercussions if affected clients face downstream security incidents. The company has not disclosed whether the breach was due to a targeted cyber attack, a vulnerability exploitation, or an internal misconfiguration, but the involvement of Salesforce tokens suggests a sophisticated intrusion method.

Source: https://www.scworld.com/brief/american-hospital-dubai-breach-purportedly-compromised-450m-records

TPRM report: https://www.rankiteo.com/company/gainsight

"id": "gai3653836120125",
"linkid": "gainsight",
"type": "Breach",
"date": "6/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'Limited number of clients',
                        'industry': 'Technology / SaaS',
                        'name': 'Gainsight',
                        'type': 'Customer Management Software Firm'},
                       {'industry': 'Technology / Cloud Services',
                        'name': 'Salesforce (indirectly impacted via tokens)',
                        'type': 'CRM Platform'}],
 'data_breach': {'sensitivity_of_data': 'High (authentication tokens)',
                 'type_of_data_compromised': ['Salesforce customer tokens']},
 'date_publicly_disclosed': '2025-11-26',
 'description': 'A limited number of Gainsight clients had their data '
                'compromised following a breach of the customer management '
                "software firm's systems, which impacted Salesforce customer "
                'tokens.',
 'impact': {'data_compromised': True,
            'systems_affected': ['Salesforce customer tokens']},
 'references': [{'date_accessed': '2025-11-26', 'source': 'CyberScoop'}],
 'response': {'communication_strategy': {'public_disclosure_by': 'CEO Chuck '
                                                                 'Ganapathi'}},
 'title': 'Gainsight Data Breach Impacting Salesforce Customer Tokens',
 'type': 'Data Breach'}

Gainsight

FullBeauty Brands, Inc., CUUP, ELOQUII and Jessica London: FullBeauty Brands Data Breach Investigation

OCHIN Inc. and Baltimore City Health Department: Baltimore City Health Department investigating data breach involving third-party system

Waltio: French Authorities Investigate Data Breach Affecting Crypto Tax Platform