DSC A.I CyberSecurity Scoring
DSC
Company Information
Website:http://www.datorama.com
Employees number:89
Number of followers:0
NAICS:5112
Industry Type:Software Development
Homepage:datorama.com
DSC Risk Score (AI oriented)
Between 750 and 799
DSCSoftware Development
Updated:
01/04/2026
01/04/2026
785/1000
Fair
Baa
DSC Global Score (TPRM)
xxxx
DSCSoftware Development
Score locked

DSCFair
Current Score
785Baa (FAIR)
01000
1 incidents
-63 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
788
JUNE 2026
787
MAY 2026
786
APRIL 2026
785
MARCH 2026
785
FEBRUARY 2026
784
JANUARY 2026
784
DECEMBER 2025
689
NOVEMBER 2025
752
Breach
20 Nov 2025 • DSC
Salesforce (via Gainsight breach)
Unauthorized Access to Salesforce Customer Data via Gainsight Managed Package
689
CRITICAL-63
DAT1804218112125
Salesforce confirmed unauthorized access to customer data via a Gainsight-managed package, a third-party SaaS connector integrated through OAuth. The breach exploited Gainsight’s compromised credentials, allowing attackers (claimed by ShinyHunters) to extract data from Salesforce instances without directly hacking Salesforce’s core infrastructure. The incident mirrors a prior Salesloft supply-chain attack, where attackers leveraged connected apps to pivot into victims’ Salesforce environments. While Salesforce denied platform vulnerabilities, the breach highlights risks of token theft, over-permissive OAuth scopes, and third-party app sprawl. The hackers threatened double extortion, hinting at stolen data from hundreds of organizations, though the exact scale and data types (e.g., customer PII, corporate records) remain unverified. Gainsight’s status page acknowledged a Salesforce connection issue but avoided labeling it a breach. The attack vector—compromised vendor tokens accessing Salesforce APIs—underscores systemic risks in SaaS supply chains, where long-lived tokens and broad permissions enable lateral movement. Customers were urged to rotate OAuth tokens, audit app permissions, and monitor logs for anomalous exports. The incident reinforces warnings from CISA about cloud-to-cloud compromises via third-party integrations, with potential fallout including reputational damage, regulatory scrutiny, and customer churn if sensitive data was exposed.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
OCTOBER 2025
752
SEPTEMBER 2025
752
AUGUST 2025
752
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for DSC ??
What was DSC's A.I Rankiteo Cyber Score in June 2026 ??
What was DSC's A.I Rankiteo Cyber Score in May 2026 ??
What was DSC's A.I Rankiteo Cyber Score in April 2026 ??
What was DSC's A.I Rankiteo Cyber Score in March 2026 ??
What was DSC's A.I Rankiteo Cyber Score in February 2026 ??
What was DSC's A.I Rankiteo Cyber Score in January 2026 ??
What was DSC's A.I Rankiteo Cyber Score in December 2025 ??
What was DSC's A.I Rankiteo Cyber Score in November 2025 ??
What was DSC's A.I Rankiteo Cyber Score in October 2025 ??
What was DSC's A.I Rankiteo Cyber Score in September 2025 ??
What was DSC's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on DSC's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with DSC ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view DSC's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?