Companies affected by the Salesloft breach continue to come forward and Zelle's parent EWS finds itself on the wrong side of New York Attorney General Letitia James, who filed suit to recoup Zelle users' losses after a series of scams perpetuated between 2017-2023. And the cost of fraud extends beyond the financial to impact many aspects of business.
Affects of Salesloft Drift Breach Widen
The reach and impact of attacks borne from a breach of Salesloft Drift is still coming into focus and may be more extensive than previously thought, as reports from those affected keep rolling in. The breach of the marketing software-as-a-service solution and subsequent cyberattacks were orchestrated by the threat actor UNC6395, which stole OAuth and refresh tokens then moved laterally to Salesloft customer’s systems where they nicked data. Discovery of the breach led Salesloft to those tokens in Drift and Salesforce to shut down integration of the solution to its platform.
Hidden Costs of Fraud Spread Throughout Business
Business is finally wising up to the hidden consequences of fraud. Most understand the financial losses—the Federal Trade Commission (FTC) estimates that number topped $10 billion in 2023, up 14 percent from the year before, a result mostly of account takeovers and new account fraud. But the effects of fraud extend beyond the financial with impacts to the business that are harder to measure, from skewering reputations and affecting brands to the perversion of analytics negatively impact business decisions. Mitigating can drain resources while regulators sit at the gate ready to impose fines. Expect the problem to worsen as AI-generated deepfakes and synthetic identity fraud proliferate.
New York Attorney General Wants to Make Zelle Pay Up for Scams
The Consumer Financial Protection Bureau (CFPB), decimated by the Trump administration, may have abandoned its lawsuit against Zelle over scams that brought financial pain to users over a six-year-period starting in 2017, but New York Attorney General Letitia James has picked up the fight. The AG has filed suit against Zelle’s parent Early Warning Services in an attempt to recoup a billion dollars in losses. The move is seen as a warning to payment systems that they need to tighten security and better protect users. then the company was sadly mistaken.
Google Patches Tow Zero-Day Flaws, More
Google has been busily patching and addressing a wave of vulnerabilities and software issues—its September security update covered a whopping 120 defects, including two zero-day vulnerabilities impacting Android devices that miscreants have already exploited. Those flaws, CVE-2025-38352 and CVE-2025-48543, come with high-severity ratings.
Mastercard and Infosys Team Up on Cross-Border Payments
An alliance between Mastercard and Infosys aims to address a long-standing challenge in the finance world: International transactions have long been associated with high costs, lack of transparency, and lengthy delays. By incorporating Mastercard’s own extensive global network directly into the core infrastructure of hundreds of banks worldwide, the two companies can create a single point of access that financial institutions can use to modernize their own payment services.