RC RANDOM CHAOS

OAuth Tokens Are the Unwatched Back Door: Drift Breach Shows the Cost

· via The Hacker News


The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed


OAuth grants issued to AI tools, automation platforms, and productivity apps don’t expire, don’t reset when passwords change, and rarely sit under any centralized monitoring. Material Security research finds 80% of security leaders rate unmanaged OAuth grants as a critical or significant risk, yet 45% do nothing to monitor them at scale and another 33% rely on spreadsheets and ad hoc reviews. Perimeter controls and MFA are irrelevant here — a stolen refresh token is a legitimate credential that bypasses both.

The Salesloft Drift breach made the attack pattern concrete. UNC6395, tracked by Palo Alto Unit 42, obtained valid OAuth refresh tokens for Drift’s Salesforce integration and used them to pull data from over 700 customer environments, including Cloudflare and PagerDuty, then mined the exports for AWS keys, Snowflake tokens, and passwords. Nothing about the access looked anomalous at the perimeter because the app’s grant was legitimate; the trust decision had been made at installation and never revisited.

Point-in-time scope checks miss this entire failure mode. Effective controls require continuous behavioral monitoring of the API calls each connected app actually makes, blast-radius scoring tied to the privilege level of the linked account, and graduated response that auto-revokes obvious threats while routing ambiguous cases to humans. Material’s OAuth Threat Remediation Agent packages those three signals for Google Workspace, but the broader point stands regardless of vendor: OAuth volume will keep growing with AI adoption, and installation-time trust is no longer a sufficient control.
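The three signals that paragraph names, worked as an added example (not the article's code and not Material Security's product): a per-app behavioural baseline of API calls, a blast-radius weight taken from the privilege of the account that authorised the grant, and a graduated response that auto-revokes clear cases and routes ambiguous ones to a human. Every app name, account, API call, weight and threshold below is constructed for the illustration; a real deployment would read the events from the identity provider's audit log and tune the thresholds to its own tenant.

```python
"""Graduated triage of OAuth grants from connected-app API activity.

Added example only: it sketches the three signals the article describes
(per-app behavioural baseline, blast-radius weighting by linked-account
privilege, graduated response). It is not Material Security's product
or code. Every app name, account, API call name, weight and threshold
below is constructed for the illustration.
"""
from collections import defaultdict

# Constructed: what each connected app was observed calling during a
# reviewed period. A call outside this set is a behavioural anomaly.
BASELINE = {
    "calendar-helper": {"ListEvents"},
    "crm-assistant": {"ListLeads"},
    "notes-sync": {"ListNotes"},
}

# Constructed: privilege of the account that authorised each grant,
# which bounds what a stolen refresh token could reach (blast radius).
PRIVILEGE = {
    "alice@example.com": "user",
    "bob@example.com": "delegated_admin",
    "admin@example.com": "super_admin",
}
PRIVILEGE_WEIGHT = {"user": 1, "delegated_admin": 3, "super_admin": 5}

# Constructed: calls that move data in bulk, counted even when baselined.
BULK_CALLS = {"BulkQuery", "ExportReport"}

# Constructed audit window: (app_id, linked_account, api_call).
EVENTS = [
    ("calendar-helper", "alice@example.com", "ListEvents"),
    ("calendar-helper", "alice@example.com", "ListEvents"),
    ("crm-assistant", "bob@example.com", "ListLeads"),
    ("crm-assistant", "bob@example.com", "BulkQuery"),
    ("crm-assistant", "bob@example.com", "BulkQuery"),
    ("crm-assistant", "bob@example.com", "BulkQuery"),
    ("notes-sync", "admin@example.com", "ExportReport"),
    ("notes-sync", "admin@example.com", "ExportReport"),
    ("notes-sync", "admin@example.com", "ExportReport"),
    ("notes-sync", "admin@example.com", "ExportReport"),
    ("notes-sync", "admin@example.com", "ListUsers"),
]

REVOKE_AT = 20   # constructed thresholds for the graduated response
REVIEW_AT = 5


def score_app(app, calls, accounts, baseline, privilege):
    """Score one app's activity window and pick a graduated response."""
    novel = sorted(set(calls) - baseline.get(app, set()))
    bulk = sum(1 for c in calls if c in BULK_CALLS)
    # Blast radius: the most privileged account linked to this grant.
    weight = max(PRIVILEGE_WEIGHT[privilege[a]] for a in accounts)
    behaviour = 2 * len(novel) + bulk
    score = behaviour * weight
    if score >= REVOKE_AT:
        decision = "revoke"          # unambiguous: auto-revoke the grant
    elif score >= REVIEW_AT:
        decision = "review"          # ambiguous: route to an analyst
    else:
        decision = "allow"
    return {"score": score, "novel_calls": novel, "bulk_calls": bulk,
            "weight": weight, "decision": decision}


def triage(events, baseline=BASELINE, privilege=PRIVILEGE):
    """Group audit events per app and score each grant."""
    calls, accounts = defaultdict(list), defaultdict(set)
    for app, account, call in events:
        calls[app].append(call)
        accounts[app].add(account)
    return {app: score_app(app, calls[app], accounts[app], baseline, privilege)
            for app in calls}


if __name__ == "__main__":
    for app, result in triage(EVENTS).items():
        print(f"{app:16} score={result['score']:3} -> {result['decision']}"
              f" (novel={result['novel_calls']}, bulk={result['bulk_calls']})")
```

On the constructed window the calendar app stays within its baseline and is left alone, the CRM assistant's new bulk queries under a delegated admin land in the review queue, and the notes app's repeated exports plus a user-directory call under a super admin cross the auto-revoke line. The point of the design is that the same behaviour scores very differently depending on the linked account's privilege, which is exactly what an installation-time scope check cannot express.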


This is an AI-generated summary. Read the original for the full story.