The security failure came to light when hackers, identifying themselves as the group Icarus, gained unauthorized access to Klue’s systems on June 12. By exploiting this legacy credential, the attackers secured OAuth tokens, allowing them to siphon data from third-party cloud environments and databases. The group is currently attempting to extort the affected companies, threatening to leak the stolen information if their ransom demands go unmet.
Klue spokesperson Katie Berg confirmed the credential was originally issued for a limited pilot project two years ago. However, the company has remained silent on why the access remained active long after the project concluded. Klue has declined to identify the third-party partner involved or explain how the credential was compromised, stating only that it was linked to an integration service. As internal investigations continue, the firm reports it is reviewing its vendor-access controls and credential management protocols to prevent a recurrence of the incident.
Comments (0)
No comments yet. Be the first!