On February 27, 2025, Zapier detected that an unauthorized user had accessed some of its internal code repositories due to a two-factor authentication (2FA) misconfiguration on an employee’s account. While the breach did not affect production systems, databases, or payment infrastructure, the company discovered that some customer data had been inadvertently copied into the affected repositories for debugging purposes. Once the intrusion was identified, Zapier immediately revoked the attacker’s access and began auditing the incident.
In a communication to customers, Zapier disclosed that some user information—such as plaintext authentication tokens embedded in debugging logs—may have been exposed. While core authentication systems were not compromised, Zapier urged impacted users to rotate any exposed credentials and activate 2FA on their accounts.