The unauthorized access occurred on June 12 when hackers utilized a compromised credential—likely a password or token—associated with an integration tool. This allowed the intruders to pivot into client cloud environments, including Salesforce databases. The stolen information primarily consists of business contact details, such as names, job titles, email addresses, and account metadata.
In section Startups & Technology
Hackers breach market intelligence firm Klue, exposing cybersecurity data
A group identifying as Icarus has claimed responsibility for a security breach at Vancouver-based Klue, exposing sensitive corporate data from high-profile cybersecurity clients. By exploiting a single legacy credential, the attackers gained access to integrated cloud databases, raising concerns about the risks inherent in centralized middleware platforms.
Major firms including Gong, Jamf, HackerOne, Insurity, OneTrust, Recorded Future, Snyk, Sprout Social, and Tanium have confirmed their data was compromised. The breach highlights a growing trend of attackers targeting middleware providers to harvest information from multiple organizations through a single point of failure. Following the discovery, Klue engaged incident response firm CrowdStrike and disconnected its integrations to halt further unauthorized access. While Icarus has threatened to publish the data unless a ransom is paid, Klue CEO Jason Smith has yet to address the specific demands or the timeline of the detection. The company, which underwent significant staff reductions last year to pivot toward AI, currently lacks a publicly listed executive overseeing its cybersecurity posture.
Comments (0)
No comments yet. Be the first!