Gainsight

Gainsight, a customer success management software firm, experienced a security breach that compromised a limited number of its clients' data. The incident was linked to the exposure of Salesforce customer tokens, which are critical for authentication and access within the Salesforce ecosystem. CEO Chuck Ganapathi confirmed that while the breach impacted Gainsight’s systems, only a subset of clients had their data compromised. The nature of the breach suggests unauthorized access to sensitive customer-related credentials, potentially enabling further exploitation if misused. Although the exact scope of the stolen data remains undisclosed, the involvement of Salesforce tokens indicates a risk of downstream attacks, such as unauthorized access to client accounts or systems integrated with Gainsight. The breach underscores vulnerabilities in third-party SaaS platforms and the cascading risks posed by credential-based attacks in enterprise software supply chains.

Source: https://www.scworld.com/brief/nova-scotia-power-breach-impact-detailed

TPRM report: https://www.rankiteo.com/company/gainsight

"id": "gai55104855112725",
"linkid": "gainsight",
"type": "Breach",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'Limited number of clients',
                        'industry': 'Technology / SaaS',
                        'name': 'Gainsight',
                        'type': 'Customer Management Software Firm'},
                       {'industry': 'Technology / Cloud Services',
                        'name': 'Salesforce (indirectly impacted via tokens)',
                        'type': 'CRM Platform'}],
 'customer_advisories': {'disclosed_by': 'CEO Chuck Ganapathi',
                         'scope': 'Limited number of clients affected'},
 'data_breach': {'sensitivity_of_data': 'High (authentication tokens)',
                 'type_of_data_compromised': ['Salesforce customer tokens']},
 'date_publicly_disclosed': '2025-11-26',
 'description': 'A limited number of Gainsight clients had their data '
                'compromised following a breach of the customer management '
                "software firm's systems, which impacted Salesforce customer "
                'tokens.',
 'impact': {'data_compromised': True,
            'systems_affected': ['Salesforce customer tokens']},
 'initial_access_broker': {'high_value_targets': ['Salesforce customer '
                                                  'tokens']},
 'references': [{'date_accessed': '2025-11-26', 'source': 'CyberScoop'}],
 'response': {'communication_strategy': {'public_disclosure_by': 'CEO Chuck '
                                                                 'Ganapathi'}},
 'title': 'Gainsight Data Breach Impacting Salesforce Customer Tokens',
 'type': 'Data Breach'}

Gainsight

FullBeauty Brands, Inc., CUUP, ELOQUII and Jessica London: FullBeauty Brands Data Breach Investigation

OCHIN Inc. and Baltimore City Health Department: Baltimore City Health Department investigating data breach involving third-party system

Waltio: French Authorities Investigate Data Breach Affecting Crypto Tax Platform