Beyond the Drift Breach: Securing Non-Human Identities with Zero Standing Privileges
Gabriel Avner
September 5, 2025
The Drift OAuth breach didn’t just expose one SaaS vendor — it exposed a systemic blind spot: the sprawling, ungoverned world of Non-Human Identities.
In case you missed it, in August 2025, attackers from UNC6395 exploited compromised OAuth tokens from Salesloft’s Drift integration—an AI chat tool—to access and exfiltrate data from Salesforce, including credentials like AWS keys and Snowflake tokens.
This breach affected over 700 organizations and extended beyond Salesforce to integrations with Google Workspace and other platforms like Slack, AWS, and Microsoft Azure, just to name a few.
The first line of response has been a complete revocation of Drift tokens and the disabling of a large number of related app integrations.
Since the initial news of the breach, we have learned that the attackers are combing through the exfiltrated data in search of more tokens and credentials that they can use for further criminal activity.
In this blog, we’ll cover why Non-Human Identities like API tokens can cause serious security challenges for organizations and explore how smarter access management approaches can help to reduce risk without compromising on operational efficiency.
Why API Tokens are Risky
API tokens act like digital keys that let SaaS products and business systems talk to each other securely.
Instead of sharing a username and password, a token gives controlled, time-limited access to exactly the data or actions a system needs. This enables automation and collaboration between tools (like a SaaS app pulling data from a business system) while reducing the risk of exposing full credentials.
But as we’ve seen here and in plenty of cases before, these tokens are exceedingly risky if they are compromised. And even more dangerous when they’re not managed properly.
If we think about these tokens like the keys they are, then they are essentially keys to our kingdom with privileges that attackers can use to access our resources.
These powerful tokens come with several significant challenges, including:
- Lack of visibility – Many people across the organization spin up tokens, just as they do other principals and NHIs, but nobody is really doing a sufficient job of tracking them. This means that they can sit around hidden in environments with their standing privileges, and nobody knows they are still there or how they’re being used.
- Poorly managed – When you don’t know what you have, it’s hard to manage them. Best practices call for rotating credentials and tokens but because of the lack of visibility and good processes, this can fall between the cracks.
- Excessive privileges – Usually out of convenience, NHIs and principals are given way more privileges than they really need. This overprivilege unnecessarily expands the blast radius and can make an attack way worse if the principal is compromised.
- Remediation is risky – Reducing risk for principals isn’t as straightforward as simply removing them or their privileges. Because principals, such as tokens, are built into infrastructure or processes, removing them can break workflows and impact the organization. The result is that many security teams prefer to risk an incident than break their infrastructure.
- Legacy tools haven’t caught up – IGA and PAM tools that were built for the on-prem era, when privileges were far more static and NHIs hadn’t really come on the scene yet, don’t provide sufficient solutions for principals. They cannot detect them, let alone manage them. More modern, dedicated NHI tools have improved visibility, but are less effective in reducing risk through effective access management.
All of these problems are amplified by the sheer scale of NHIs. Industry research estimates NHI-to-human identity ratios ranging from 40:1 today to projections of 100:1 or more with AI adoption.
And as organizations adopt more AI, this number is likely to skyrocket. The impact will be a massive expansion of the attack surface, providing even more opportunities for hackers to exploit the situation.
Attackers Targeting Identity in the Supply Chain
While attribution is far from a hard science, all signs point to this hack being the work of the loose collective of criminals associated with the Com. We usually read about them under names like LAPSUS$, Scattered Spider, and Shiny Hunters.
These hackers have made a name for themselves by focusing on identity as their main point of entry and exploitation. They’ve been behind the MGM, Okta, Snowflake, and other big-name hacks. They employ methods such as social engineering and possess a deep understanding of identity and access management (IAM) to compromise identities and infiltrate target systems.
What they have shown in their attacks is that they can exploit the human and non-human identities as part of a successful attack, compromising identities and leveraging their privileges to steal or encrypt targets’ data.
There’s an argument to be made that these crews are far less technical than the hackers of the previous era who spent months looking for ways to exploit a vulnerability or find a zero day.
In many cases, they have been shown to simply buy access from a broker, pay off employees at the phone company for a SIM swap attack, or call up the help desk and ask for a password reset.
But it’s not stupid if it works, and these criminals have the illicit paydays to prove it.
Unfortunately, these groups have discovered that while they can successfully target large enterprises, the path of least resistance is often to attack a vendor in a supply chain attack.
Especially if the vendor is less mature in terms of security, they can exploit it to slither their way up the chain and become a bigger, richer target.
If a vendor finds itself targeted in a supply chain attack, it can suffer serious reputational, not to mention financial, pain, as companies are less likely to trust it with their data and access to their systems moving forward.
Actionable Takeaways – How to Protect Against the Salesloft Drift Incident
In the immediate aftermath of this incident, here’s what security teams can do right now to reduce exposure:
- Audit and revoke stale OAuth tokens.
- Rotate embedded secrets immediately.
- Enforce least privilege across OAuth scopes.
- Treat AI agents as first-class identities in your IAM model.
Moving Towards a Unified Approach for Human, Non-Human, and Agentic AI Identities
One of the key takeaways from this story is that we must shift our mindset. Security must move from protecting only human access to governing every identity that can touch data, human or not.
The targeting of an AI tool here is interesting because it shows us that attackers understand that AI agents require a lot of access and freedom of movement between applications to be effective. That is a lot of connectivity that can be exploited to reach other systems, and it puts defenders in a conundrum that is as old as time.
Do we let our AIs run free and maximize the benefits of what they can give us or do we tightly control access to limit damage from abuse?
The challenge with Agentic AI is that it:
- Is very much goal oriented
- Has no ability to judge whether something is a good idea (like deleting your production DBs and then lying about it later)
- Doesn’t behave like traditional NHIs, which have very predictable and repetitive actions
An agent will access whatever it thinks it needs to in order to achieve its goal. In this way it’s like a human user.
But the scale and lack of visibility of Agentic AI is going to be a challenge for security teams moving forward.
So how should security teams think about mitigating risk from Agentic AI and all the rest?
How Apono Enables Secure NHI Access Management
Security teams need to take a flexible approach that breaks down the silos of human, non-human, and now Agentic AI identities, all of which are essentially on the same plane. It should matter less who or what the identity is and focus more on the access and how privileges are used.
Remember that the hackers don’t see your environment as a silo, so you shouldn’t either. Move your human users over to Just-in-Time access for sensitive resources and reduce privileges for all, including your NHIs, based on what they actually use and your risk.
In Apono’s approach, we put the focus on the principals and give admins granular controls over what privileges those principals, like API tokens, have.
We start by providing full visibility and inventory management of principals throughout your environment.
In practice, we detect risks like:
- Dormant Principals: Identities unused for 90+ days
- Unused Privileges: Granted but unexercised access
- Overprivileged Permissions: Permissions beyond actual usage needs
We then enable you to take remediation actions like:
- Quarantine: Isolate risky access with pre-built guardrails or ready-to-use JSON deny policies for your cloud
- Rightsize: Automatically adjust access to fit actual use
- Delete: Revoke access or delete principals that are no longer needed
There are some distinct advantages to the quarantine option because it allows you to:
- Take immediate mitigative action to eliminate risk without tearing out whole principals or NHIs, which can be highly disruptive to active workflows and infrastructure
- Implement deny policies within a principal to block usage of specific unused or otherwise risky privileges while leaving the others active
- Manage these policies through our Access Flow guardrails, which are easy to administer and quickly revertible, meaning that security teams can confidently take protective action
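To make the detect-then-quarantine workflow above concrete (and the "audit stale tokens, enforce least privilege" takeaways earlier), here is an added illustration in Python. It is not Apono's code or any product's API; the principal inventory, the 90-day threshold applied as a constant, and the IAM-style deny policy format are assumptions constructed for the example.

```python
from datetime import datetime, timedelta, timezone
import json

NOW = datetime(2025, 9, 5, tzinfo=timezone.utc)   # assumed "today" for this example
DORMANT_AFTER = timedelta(days=90)                 # dormancy threshold named in the text

# Constructed inventory (not real data): each non-human principal with the privileges it
# was granted, the privileges actually seen in audit logs, and when it last did anything.
PRINCIPALS = [
    {"name": "ci-deploy-key", "granted": {"s3:PutObject", "s3:GetObject", "iam:*"},
     "used": {"s3:PutObject"}, "last_used": NOW - timedelta(days=1)},
    {"name": "legacy-report-token", "granted": {"s3:GetObject", "athena:StartQueryExecution"},
     "used": set(), "last_used": NOW - timedelta(days=140)},
    {"name": "chat-integration", "granted": {"sns:Publish"},
     "used": {"sns:Publish"}, "last_used": NOW - timedelta(days=2)},
]

def classify(p, now=NOW):
    """Flag the three risks the text names: dormant, unused privileges, overprivileged."""
    findings = {}
    if now - p["last_used"] >= DORMANT_AFTER:
        findings["dormant"] = True
    unused = p["granted"] - p["used"]
    if unused:
        findings["unused_privileges"] = sorted(unused)
    wildcards = sorted(g for g in p["granted"] if g.endswith("*"))
    if wildcards:                         # wildcard grants exceed any usage-based need
        findings["overprivileged"] = wildcards
    return findings

def quarantine_policy(p):
    """Quarantine: an IAM-style explicit Deny on only the unused actions. In AWS IAM an
    explicit Deny overrides any Allow, so privileges still in use keep working and the
    policy can simply be detached to revert."""
    unused = sorted(p["granted"] - p["used"])
    if not unused:
        return None
    return {"Version": "2012-10-17",
            "Statement": [{"Sid": "Quarantine" + p["name"].replace("-", ""),
                           "Effect": "Deny", "Action": unused, "Resource": "*"}]}

def rightsize(p):
    """Rightsize: the allow set reduced to what the principal actually exercised."""
    return sorted(p["used"])

if __name__ == "__main__":
    for p in PRINCIPALS:
        print(p["name"], classify(p), rightsize(p))
        print(json.dumps(quarantine_policy(p), indent=2))
```

Feeding the same three functions a real inventory (keys, roles, OAuth tokens) with usage pulled from audit logs is what turns the lists above into a repeatable review.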
Embracing the Opportunities of AI in your Organization
Phishing, credential theft, and breaches happen. They will continue to happen because the financial incentives are there.
We are past the stage of assuming breach. Now we need to assume that our identities (human and non-human like API tokens, service accounts, and more) are compromised.
Attackers can now leverage all of their access privileges not only to access resources in your environments, but also to find more tokens, credentials, etc. that they can use to continue their attack. This might mean pivoting to additional systems or to your customers’ customers.
If your customers trust you to securely handle their data, then you need to make sure that you are taking sufficient precautions to protect them. As more incidents of big companies getting compromised by way of their vendors hit the headlines, we can expect them to demand more from their vendors if they want to do business with them.
As the business world becomes more and more connected with machine identities and AI agents relying on tools like API tokens to communicate with each other across platforms, organizations will have to step up their game to ensure that they are a step ahead of the criminals.
This means being responsible by following best practices and embracing automation to handle the scale, but also not being afraid to embrace the opportunities that AI agents are offering us for greater productivity and growth.
Ready to Take Action?
To learn more about how Apono is enabling organizations to confidently embrace the AI-driven future, reach out to us today and start the conversation.
Or, try our Cloud Assessment for NHIs to uncover hidden risks in your AWS environment and explore smart remediation solutions powered by Zero Standing Privileges.