FotolEdhar - Fotolia

Salesforce completes Pardot fix after 12 days’ disruption

Plug was pulled on 17 May after a data script went wrong. Most users have had full access since 18 May, but 10 services remained down

It has taken 12 days for Salesforce to restore its service fully after it pulled the plug following a bug in a database script that caused unauthorised access to data.

On its status page, Salesforce said the service disruption occurred after it inadvertently rolled out a flawed database script at 2.45pm BST on 17 May.

The cloud service was restored for most customers on 18 May after the company accidentally rolled out a script with a database bug, which enabled any user to gain access to certain data held in their organisation’s Salesforce instance.

While most services were back online the day after Salesforce discovered the flaw, it blocked access to CS26, CS51, CS63, CS66, CS69, CS84, CS85, CS90, CS3 and CS82 instances. On 29 May, it finally rolled out a fix to enable it to restore these services.

The outage, caused by a faulty database script in its Pardot marketing automation service, allowed users to see and edit all of their company’s data, regardless of permission settings. Salesforce responded by cutting off access for current and past Pardot customers while it developed a fix to resolve the faulty script.

In a post describing the issue, Salesforce said: “The script was only intended to be applied to a subset of organisations that use Pardot. That change, however, was inadvertently applied to all users across Salesforce organisations that have, or previously had a Pardot licence, giving those users elevated permissions for entities to which they had access within their organisations.”

It claimed that only users within an impacted organisation would gain additional permissions for data. “To remedy those permissions, Salesforce temporarily reduced permissions on instances, which caused the service disruption,” it said.

Following the original incident on 17 May, it took Salesforce almost 24 hours to restore system admin access for customers that it determined were not impacted by the database script issue.

It said it has now completed testing and validation of a fix to restore permissions for users of those instances that have remained blocked since 17 May. It said the fix has been deployed on all these instances.

Read more about Salesforce

Read more on Business applications

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close