On August 26, 2025, Salesloft Drift disclosed a security incident, prompting Elastic to activate its incident response protocols due to using Drift for certain business applications. Elastic's investigation confirmed that its Salesforce environment was unaffected but identified that a single email account linked to the Drift Email integration had been compromised, potentially allowing unauthorized read-only access to emails containing valid credentials. Elastic promptly notified affected customers and took immediate action by disabling Drift integrations, reviewing access logs, and coordinating with vendors to assess the incident's scope further. Elastic remains dedicated to transparency and data protection, continuing to monitor developments and pledging to update stakeholders as more information becomes available.