The unauthorized access occurred on June 12 when hackers utilized a compromised credential—likely a password or token—associated with an integration tool. This allowed the intruders to pivot into client cloud environments, including Salesforce databases. The stolen information primarily consists of business contact details, such as names, job titles, email addresses, and account metadata.
Major firms including Gong, Jamf, HackerOne, Insurity, OneTrust, Recorded Future, Snyk, Sprout Social, and Tanium have confirmed their data was compromised. The breach highlights a growing trend of attackers targeting middleware providers to harvest information from multiple organizations through a single point of failure. Following the discovery, Klue engaged incident response firm CrowdStrike and disconnected its integrations to halt further unauthorized access. While Icarus has threatened to publish the data unless a ransom is paid, Klue CEO Jason Smith has yet to address the specific demands or the timeline of the detection. The company, which underwent significant staff reductions last year to pivot toward AI, currently lacks a publicly listed executive overseeing its cybersecurity posture.
Comments (0)
No comments yet. Be the first!