Klue Supply Chain Breach Leads to Salesforce Data Exfiltration (Incident)
ID: 4a294e5e-52be-51c6-a8c0-b0aee1da55cb
STIX ID: report--4a294e5e-52be-51c6-a8c0-b0aee1da55cb
Feed Name: Wiz Cloud Threat Landscape
Threat Score
Date Published: 2026-06-18
Date Updated: 2026-07-02
Author: [email protected] (Wiz Threat Research)
...
...
Klue experienced a supply-chain compromise where attackers deployed code to harvest customer OAuth tokens from Klue backend systems and used those tokens to access and exfiltrate Salesforce and other integrated platform data (CRM records, contacts, pricing, sales communications) via automated queries to Salesforce REST API endpoints over extended periods.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
