DATE:
AUTHOR: Toast product communications
Security

Toast's Security Update Regarding the Salesloft Drift Incident


The security and privacy of our customers' information is core to Toast’s mission to enable businesses to thrive. In the interest of transparency, we wanted to share what we’ve learned about the security incident at Salesloft Drift and its limited impact on Toast. 

What happened?

On August 26, 2025, Toast was made aware of a security issue in Salesloft’s Drift application, a third-party chat support tool that connects to Salesforce, Toast’s customer relationship management system. Upon learning of the issue, we disconnected the app and invalidated Drift’s tokens, preventing any further exposure through this channel. 

Further information from Salesloft indicated that a threat actor had compromised its systems and that the impact was widespread across its customer base. Toast simultaneously launched our own forensic investigation to understand the scope of the impact to our customers.  

Our investigation indicates that between August 12, 2025, and August 15, 2025, an actor used credentials stolen from Salesloft to run queries in a small number of tables within our Salesforce instance that contained limited customer information. 

What data was impacted?

The query results were limited to contact information, support case content, and logs and configuration information associated with Toast’s Salesforce instance. These categories may include: 

  • Contact information may include name, email, and business address. 

  • Support case content may include correspondence and automated notices about services our customers have requested, such as hardware lease status, pricing and rate inquiries, technical support requests, links to documents (only accessible to the intended recipient), billing questions, and associated case numbers, and any other information a customer may have chosen to share in a support case interaction. 

  • Logs and configuration data include information and metadata related to Toast sales and marketing processes. 

What should Toast customers do?

While we advise customers not to include sensitive information in support cases, and we have not uncovered evidence that credentials were compromised, there are steps customers can take to mitigate their risk of exposure: 

  1. Periodically rotate your credentials for Toast systems.

  2. Enroll in multi-factor authentication for your Toast login.

  3. Regularly review employees with access to sensitive information to ensure that access is not broader than it needs to be.

  4. Stay vigilant against scam attempts impersonating Toast, your bank, or other vendors. If you suspect there has been a scam attempt, immediately disengage from the call, text, or email and contact the entity directly. 

We take the security and privacy of our customers' information very seriously and regret any inconvenience this may cause. For more information, please reference the Salesloft Drift Breach Disclosure. If you have further questions about this incident, please reach out to Toast Support.
