logo

Security shops among the 'hundreds' of Klue hack victims

ID: 8116ab88-94a0-5aff-a409-d30ed3395ff1

STIX ID: report--8116ab88-94a0-5aff-a409-d30ed3395ff1

Feed Name: The Register (Security)

Threat Score
75/100

Date Published: 2026-06-22

Date Updated: 2026-06-23

...
...

Klue suffered a supply-chain breach in which a compromised legacy credential allowed attackers to steal OAuth tokens and exfiltrate Salesforce CRM data from a portion of its integrations; an extortion group calling itself Icarus is posting victims and contacting affected companies. Several security vendors (including Huntress, Recorded Future, Tanium, Jamf, Gong, HackerOne, Kudelski, Snyk, Insurity, and Sprout Social) reported CRM data exposure; Klue disconnected integrations and engaged CrowdStrike while investigators urge customers to audit logs and rotate credentials.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.