logo

Klue Supply Chain Breach Leads to Salesforce Data Exfiltration (Incident)

ID: 4a294e5e-52be-51c6-a8c0-b0aee1da55cb

STIX ID: report--4a294e5e-52be-51c6-a8c0-b0aee1da55cb

Feed Name: Wiz Cloud Threat Landscape

Threat Score
80/100

Date Published: 2026-06-18

Date Updated: 2026-07-02

Author: [email protected] (Wiz Threat Research)

...
...

Klue experienced a supply-chain compromise where attackers deployed code to harvest customer OAuth tokens from Klue backend systems and used those tokens to access and exfiltrate Salesforce and other integrated platform data (CRM records, contacts, pricing, sales communications) via automated queries to Salesforce REST API endpoints over extended periods.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.