Recently, it was reported that the database system of Klue, a business marketing intelligence company, was hacked in a supply-chain attack. The application was exposed to hackers to obtain data from other companies that are Klue’s own customers.
The hackers, who call themselves Icarus, used the compromised Klue Battlecards application to gain access to OAuth tokens that are usually used to connect Klue with third-party integrations such as Salesforce, LastPass, Huntress. Salesforce in particular reported that the customer relationship management (CRM) data of several hundred of their customers was stolen by the hacking group.
As for LastPass, they reported that the hackers stole data such as customer names, phone numbers, email addresses, physical addresses as well as customer support case data and sales-related data.
While this data breach is considered very serious, all parties have confirmed that their platforms are still intact, with the data vulnerability being seen through the Klue Battle Card application which gave the hacker access to their database.
Salesforce and LastPass have also ended support for access to the Klue platform including OAuth authorization, APIs, etc. This includes conducting an investigation into how this hacking attack could have occurred and how these companies’ data could have been leaked through it.
