Customer experience (CX) platforms are rapidly becoming a major cybersecurity blind spot, processing billions of unstructured interactions annually – from survey responses to social media feeds and call center transcripts – and feeding that data directly into AI engines that control critical business functions. A recent wave of breaches, including the Salesloft/Drift incident impacting over 700 organizations, has exposed a critical gap in security operations: a lack of visibility into the data ingested by these AI-powered CX systems.
The Salesloft/Drift breach, as detailed in reports, demonstrated a sophisticated attack chain. Attackers compromised Salesloft’s GitHub environment, stole Drift chatbot OAuth tokens, and gained access to Salesforce environments belonging to prominent companies like Cloudflare, Palo Alto Networks, and Zscaler. Crucially, the attackers didn’t deploy malware; instead, they scanned the stolen data for sensitive credentials like AWS keys, Snowflake tokens, and plaintext passwords. This highlights a shift in attack tactics, favoring legitimate access over traditional malware-based intrusions.
According to CrowdStrike’s Threat Hunting Report, 81% of interactive intrusions now leverage legitimate access rather than malicious software. Cloud intrusions specifically surged by 136% in the first half of . This trend underscores the increasing effectiveness of exploiting existing system permissions and trusted relationships, a tactic perfectly suited to the architecture of modern CX platforms.
The Six Blind Spots
The vulnerability stems from a fundamental miscategorization of CX platforms by security teams. As Assaf Keren, chief security officer at Qualtrics and former CISO at PayPal, explained to VentureBeat, “Most security teams still classify experience management platforms as ‘survey tools,’ which sit in the same risk tier as a project management app. This is a massive miscategorization. These platforms now connect to HRIS, CRM, and compensation engines.” Qualtrics alone processes 3.5 billion interactions annually, a figure that has doubled since , demonstrating the scale of data flowing through these systems.
VentureBeat’s investigation identified six key control failures contributing to this security gap:
- DLP Inability to Analyze Unstructured Data: Traditional Data Loss Prevention (DLP) systems are designed to identify structured Personally Identifiable Information (PII) like names, emails, and payment details. However, CX platforms ingest vast amounts of unstructured data – open-text survey responses, customer complaints, and social media sentiment – which often contains sensitive information that doesn’t match standard PII patterns. When this data is exported to AI engines, DLP systems fail to detect the potential leakage.
- Zombie API Tokens: OAuth tokens granted to CX platforms for integration with other systems (HRIS, CRM, etc.) often remain active long after the associated campaigns or projects have ended. These “zombie” tokens represent persistent lateral movement pathways for attackers. JPMorgan Chase CISO Patrick Opet highlighted this risk in an open letter, warning about the inherent trust placed in SaaS integrations and the vulnerability of inadequately secured tokens.
- Lack of Bot Mitigation for Public Input Channels: Web application firewalls (WAFs) protect web applications from malicious HTTP payloads, but they don’t extend to data ingested from public sources like Trustpilot reviews or Google Maps ratings. Fraudulent or malicious sentiment flooding these channels can bypass perimeter controls and poison the data feeding AI engines.
- Lateral Movement Through Approved API Calls: Attackers are increasingly focused on “logging in” rather than “breaking in,” as CrowdStrike’s chief business officer, Daniel Bernard, put it. Exploiting legitimate credentials allows attackers to export large volumes of data through approved API calls, which security information and event management (SIEM) systems often fail to flag as anomalous behavior.
- Non-Technical Users with Admin Privileges: Marketing, HR, and customer success teams often configure CX platform integrations without sufficient security oversight. This can lead to shadow IT configurations and admin accounts with excessive privileges that are not regularly reviewed by security teams.
- PII Exposure Before Masking: Employee surveys and customer feedback often contain sensitive personal information – salary grievances, health disclosures, account details – that is not immediately masked or classified as PII before being stored in databases. This creates a significant risk of data exposure in the event of a breach.
The core issue is a lack of dedicated security focus on CX platforms. While SaaS security posture management (SSPM) tools have matured for platforms like Salesforce and ServiceNow, CX platforms have largely been overlooked. There’s a critical need for continuous monitoring of user activity, permissions, and configurations within these platforms, as well as automated policy enforcement for AI workflows processing CX data.
Security teams are beginning to adapt, extending SSPM tools and deploying API security gateways. However, a more comprehensive solution is needed – one that provides dedicated CX-layer security with real-time visibility into data access, misconfigurations, and policy violations. The recent integration of CrowdStrike’s Falcon Shield and the Qualtrics XM Platform represents an early step in this direction.
Beyond the technical risks, there’s a business impact that often goes unmeasured. As Keren emphasized, “When we use data to make business decisions, that data must be right.” A compromised AI engine making flawed decisions based on poisoned data can have far-reaching consequences, impacting compensation, customer relationships, and overall business strategy. Addressing this gap requires collaboration between CISOs, CIOs, and business unit owners to define and enforce data integrity standards across the entire CX ecosystem. The initial step, Keren advises, is to audit and revoke zombie tokens – a common starting point for Drift-scale breaches.
