As Salesforce’s State of IT: Security report notes, security leaders today are walking a tightrope — balancing the drive for AI-powered innovation with the need to defend against threats like ransomware, data poisoning, and insider misuse.
It’s a balance that’s easily upset by one of the most overlooked risks in Salesforce: shadow access and overprivileged users.
In recent years, many Salesforce security incidents haven’t come from cutting-edge exploits or elite hackers, but from something far more mundane — too much access in the wrong hands.
Salesforce has become the nerve center for customer data and business operations. But in too many organizations, that nerve center is left exposed — not through a zero-day exploit, but through outdated, excessive, or forgotten permissions that linger long after they’re needed. This “permission creep” isn’t just an admin headache; in today’s AI-powered CRM environment, it’s a breach waiting to happen.
The hidden cost of convenience: how overprivilege creeps in
Most Salesforce environments weren’t built with long-term access hygiene in mind. What starts as a “temporary” permission set for a project often sticks around indefinitely. Roles accumulate access as users shift teams. Contractors are never fully deprovisioned. And when AI agents are introduced — acting on behalf of human users — things get even messier.
Over time, this leads to access sprawl: a tangle of profiles, permission sets, and forgotten users that grants far more power than anyone realizes.
The problem? These accounts — often long-tenured, inactive, or hybrid roles — don’t raise red flags. But they’re exactly what attackers look for when probing Salesforce environments.
Real-world risks: when access becomes an attack vector
We’ve seen it play out:
- A former employee’s integration user is still active — and it gets hijacked to exfiltrate sensitive pricing data.
- A sales exec’s account, with admin-lite permissions, is compromised — and used to modify sharing rules across multiple regions.
- A third-party chatbot with broad visibility is exploited to surface customer support cases it was never meant to see.
These aren’t hypothetical scenarios. They’re signs of shadow access — permission granted, then forgotten, until someone else finds a use for it.
Here’s one real-world sequence:
- A contractor’s Salesforce login with “temporary” full object access was never deactivated.
- Their credentials were stolen through a password reuse attack.
- The attacker used API queries to extract thousands of customer records — unnoticed for nearly 90 days.
Why AI makes this problem worse
Agentforce-style automations are game-changers — but they amplify the dangers of poor access governance. We’ve already explored how AI agents can become high-speed threat vectors. Here, the issue is compounded: AI agents act within the boundaries of the user permissions they’re assigned.
If those permissions are overly broad, your AI can unintentionally become a supercharged threat actor:
- Auto-generating reports with sensitive internal data
- Making changes to records it was never meant to touch
- Surfacing content via public-facing Experience Cloud pages
In short: bad access equals bad AI behavior — and the damage can scale fast.
How to audit and reduce shadow access in Salesforce
Cleaning up overprivileged users isn’t glamorous, but it’s one of the most effective ways to reduce your blast radius. Salesforce’s own best practices recommend a least-privilege model — granting only the minimum access needed for each role — and using tools like the User Access & Permissions Assistant to review, adjust, and revoke access as needed.
Here’s where to start:
- Inventory active users: Identify all active accounts and compare against current HR and contractor records.
- Map permissions to roles: Ensure every permission set aligns with actual job functions — not legacy assumptions.
- Monitor dormant access: Flag accounts with login inactivity over 30–60 days for review or deactivation.
- Segment AI agents: Create narrow-scoped, clearly defined roles for AI-driven integrations or bots.
- Review sharing rules regularly: Make sure they reflect today’s business needs, not last year’s org chart.
- Monitor Connected Apps: Regularly review OAuth scopes and remove unused or over-permissive apps.
- Use Permission Set Groups wisely: Avoid stacking permissions in ways that create hidden privilege escalation.
- Deactivate stale permission sets: Remove unused sets to reduce accidental assignments.
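The inventory, dormant-access, and permission-review checks above can be scripted against exported data. The following is an added example, not code from Salesforce or from this article: the rows are constructed, shaped like exports of the User and PermissionSetAssignment objects, with timestamps assumed to be normalized to ISO 8601 and a hypothetical HR roster keyed by username.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample rows, shaped like an export of
# SELECT Username, IsActive, LastLoginDate FROM User
USERS = [
    {"Username": "a.chen@example.com", "IsActive": True, "LastLoginDate": "2025-05-28T09:12:00+00:00"},
    {"Username": "contractor7@example.com", "IsActive": True, "LastLoginDate": "2025-01-14T17:40:00+00:00"},
    {"Username": "svc.pricing@example.com", "IsActive": True, "LastLoginDate": None},
    {"Username": "j.ortiz@example.com", "IsActive": False, "LastLoginDate": "2024-11-02T08:00:00+00:00"},
]
# Constructed rows, shaped like PermissionSetAssignment joined to PermissionSet
ASSIGNMENTS = [
    {"Username": "contractor7@example.com", "PermissionsModifyAllData": True, "PermissionsViewAllData": True},
    {"Username": "a.chen@example.com", "PermissionsModifyAllData": False, "PermissionsViewAllData": False},
    {"Username": "svc.pricing@example.com", "PermissionsModifyAllData": False, "PermissionsViewAllData": True},
]
# Constructed HR/contractor roster of identities that should currently have access
ROSTER = {"a.chen@example.com", "svc.pricing@example.com"}
HIGH_RISK = ("PermissionsModifyAllData", "PermissionsViewAllData")

def audit(users, assignments, roster, now, dormant_days=60):
    """Return {username: [reasons]} for active accounts that need review."""
    broad = {}
    for row in assignments:
        held = [p for p in HIGH_RISK if row.get(p)]
        if held:
            broad.setdefault(row["Username"], set()).update(held)
    cutoff = now - timedelta(days=dormant_days)
    findings = {}
    for u in users:
        if not u["IsActive"]:
            continue  # already deactivated, nothing to revoke
        reasons = []
        if u["Username"] not in roster:
            reasons.append("not on roster")
        last = u["LastLoginDate"]
        if last is None:
            reasons.append("never logged in")
        elif datetime.fromisoformat(last) < cutoff:
            reasons.append("dormant")
        for perm in sorted(broad.get(u["Username"], ())):
            reasons.append("holds " + perm)
        if reasons:
            findings[u["Username"]] = reasons
    return findings

if __name__ == "__main__":
    now = datetime(2025, 6, 1, tzinfo=timezone.utc)  # fixed date so the sample is reproducible
    for name, why in audit(USERS, ASSIGNMENTS, ROSTER, now).items():
        print(name, "->", ", ".join(why))
```

Accounts that collect several reasons at once, such as an off-roster contractor login that is both dormant and holds org-wide data permissions, are the ones to review first.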
Shadow access is the new insider threat
In the age of AI-enhanced CRMs, overprivileged users aren’t just a governance concern — they’re an open door to misuse, misconfiguration, and malicious exploitation.
Salesforce provides robust native tools for role, permission, and access management — but the responsibility for using them effectively rests with you. Staying vigilant, enforcing least privilege, and regularly reviewing access is one of the simplest, most cost-effective ways to shrink your attack surface.
Because the biggest risk isn’t what attackers can break into — it’s what you’ve already given them the keys to.

