CSO Online

Klue breach exposed Salesforce CRM data through stolen OAuth tokens

An attacker broke into competitive-intelligence vendor Klue, stole OAuth tokens its customers use to connect to Salesforce ...
The Hacker News

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

Salesforce disabled Klue Battlecards integration after attackers used compromised OAuth tokens to access customer CRM data ...

LastPass Salesforce Data Breach in Klue OAuth Token Hack Linked to Icarus Group; Customer Info Exposed, Vaults Remain Secure

LastPass confirms Salesforce data exposure after Klue OAuth token theft in supply chain attack linked to Icarus group; ...
DataBreachToday

Klue Confirms OAuth Token Theft Led to Salesforce Data Heist

Marketing intelligence platform Klue confirmed an attacker breached its infrastructure, saying they used "a compromised ...

LastPass confirms data breach in Klue supply chain attack

LastPass announced that hackers accessed customer data from its Salesforce environment after stealing the company's OAuth ...
Dark Reading

Scope of Salesforce Attacks Expands as Icarus Leaks Data

More victims have emerged after attackers breached application vendor Klue and used its OAuth tokens to steal customers' ...
DataBreachToday

Attackers Steal Salesforce Data From Klue Battlecards Users

Salesforce disabled connections to its customer relationship management environment from third-party app Klue Battlecards as ...
Dark Reading

Salesforce Data Thefts Continue via Klue App Compromise

More Salesforce instances have been breached by threat actors abusing a third-party application integration, this time through Klue's Battlecards app. The attacks, which are the latest in a series of ...
Bleeping Computer

Klue OAuth breach victim list grows as Icarus hackers claim attack

ReliaQuest observed attackers generating OAuth tokens and using Python scripts to query Salesforce's API for extended periods, as data was stolen. Huntress later disclosed that its own Salesforce ...