logo

Hacked Klue says criminals are deleting stolen customer data, but now other hackers are making threats

ID: 5f0167a2-baa3-5a04-ae0f-797d5feaea09

STIX ID: report--5f0167a2-baa3-5a04-ae0f-797d5feaea09

Feed Name: TechCrunch Security News

Threat Score
75/100

Date Published: 2026-06-25

Date Updated: 2026-06-26

Author: Lorenzo Franceschi-Bicchierai

...
...

Klue confirmed a June 12 security breach in which the threat actor Icarus stole customer data and OAuth authentication tokens—enabling access to customers' clouds and databases—and sought to extort Klue; Icarus says it is deleting the stolen data. Multiple high-profile Klue customers reported impact, and a second unnamed gang has posted alleged samples and is attempting to extort affected companies; Klue attributes initial access to a 2022 third-party credential used in a limited pilot and is advising customers not to pay the secondary extortionists.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.