3 min read

Salesforce informed its customers that it was facing a major issue with its service, early Friday morning, and mentioned that it was working towards resolving the issue soon. The popular cloud-based software company experienced an outage due to its faulty database script after the company made changes to its production environment. Due to this, users got access to a broad amount of data than intended where they could see all the company’s data irrespective of the permissions.

Salesforce said that the outage, which began on Friday and lasted just over 15 hours, is over – although some may experience a few issues as the platform gets back up to speed.

Salesforce’s chief technology officer and a co-founder, Parker Harris, acknowledged the issue at 12:40 p.m. Eastern time the same day, and tweeted that Salesforce employees were working on the problem.

According to reports on Reddit, users not only received read access but also received write permissions, thus, making it easy for malicious employees to steal or tamper with a company’s data.

Salesforce said the script only impacted customers of Salesforce Pardot or have used Pardot in the past. According to The Register, “To deal with the mess, Salesforce’s IT team has denied all access to more than 100 cloud instances that host Pardot users, shutting out everyone else using those same systems, whether or not they were using Pardot.” Customers who were not affected may have also experienced certain service disruptions including customers using Marketing Cloud integrations.

Salesforce customers in Europe and North America were the most impacted by the company shutting down access to its own service. Salesforce said, “We have started unblocking customers who were not affected by the permission issues.”

On the 18th, at 5.40 a.m. Eastern time, Salesforce, on its status page, announced that access had been restored for administrators of all organizations that had been affected by the permission issues. “We are preparing a set of instructions for admins that may need guidance on how to manually restore those permissions. As soon as the instructions are final, we will inform admins via an email that will contain a link to the instructions,” the company said.

The company further updated:

“We have restored administrators’ access to all affected orgs as of 08:04 UTC. We have prepared a set of instructions for admins that may need guidance on how to manually restore those user permissions. We notified admins via an email that contained a link to the instructions.

A subset of admins may still be experiencing issues such as logging in to their orgs, modifying perms that are uneditable, or timeouts.”

To know more about this in detail, visit Salesforce’s status page.

Read Next

DockerHub database breach exposes 190K customer data including tokens for GitHub and Bitbucket repositories

Facebook confessed another data breach; says it “unintentionally uploaded” 1.5 million email contacts without consent

Justice Department’s indictment report claims Chinese hackers breached business  and government network

A Data science fanatic. Loves to be updated with the tech happenings around the globe. Loves singing and composing songs. Believes in putting the art in smart.