OneDigital Latest to Warn Clients of Salesforce Data Breach
The breach exposed information from as many as 28,414 people, according to a filing with the Maine attorney general’s office.
Personal data belonging to up to 28,414 people were compromised on August 12, 2025, according to a data breach notification filed by OneDigital Investment Advisors LLC with the Maine attorney general’s office last week.
The notification revealed that on August 22, OneDigital was informed by Salesforce Inc., its customer relationship platform provider, of possible security breaches involving Salesforce and Drift, an online chat tool managed by OneDigital’s former CRM platform, Salesloft. OneDigital’s investigation of the issue found that between August 12 and 18, 2025, certain data stored in Salesforce were “potentially accessed and copied by an unauthorized actor” due to a compromise in the Drift application, according to the filing. The information involved varied by customer and included names and Social Security numbers.
OneDigital is the latest industry firm to fall victim to the Salesforce/Salesloft data breach. FINRA released a cybersecurity alert to all its member firms notifying them of a supply chain breach through the Drift chatbot integration that compromised data from more than 700 organizations between August 8 and August 18, 2025. According to an article WTW published about the incident, Salesloft disclosed the breach on August 20 last year, “initially downplaying the scope.” However, investigations by Google’s Threat Intelligence Group and Palo Alto Networks’ Unit 42 revealed that the breach extended beyond Salesforce, as the OAuth tokens stolen as part of the Drift breach enabled attackers to access platforms integrated with Salesloft, including Salesforce, Slack and OpenAI, among others.
OneDigital began mailing notices of the breach to Maine residents—73 of whom had data exposed—on or about April 8, the filing showed. The mailing stated that OneDigital immediately took steps to confirm the security of its systems and investigated the incident. The firm is offering clients several months of complimentary credit and identity monitoring services in response to the incident, according to the mailing. The firm also encouraged customers to remain vigilant against incidents of identity theft and fraud by reviewing their bank and credit card statements over the next 12 to 24 months.
OneDigital’s filing with the Maine attorney general stated that the firm is reviewing its “policies, procedures and processes” related to the storage of sensitive information to prevent repeated incidents.
Recent breaches within the industry extend far beyond the August 2025 Salesforce incident. According to another breach notification filed with the Maine AG’s office earlier this year, Hightower suffered a security issue in early January, compromising sensitive information of approximately 131,483 individuals. Also, in July 2025, a “malicious threat actor” hacked into a third-party CRM system used by the Allianz Life Insurance Co. of North America, exposing data belonging to most of the firm’s 1.4 million U.S. customers.
OneDigital did not respond to a request for comment.
As of September 30, 2025, OneDigital advised more than $151 billion in client assets.
