Skip to content

Cyber Attack on Klue: Data of LastPass Users and Salesforce Customers Stolen

The point: Cyber attack on Klue compromises data of Salesforce and LastPass users; organizations should reset passwords and verify API access.

In a cyber attack on Klue, data from Salesforce customers and LastPass users has been exposed. The data breach potentially affects thousands of organizations using the competitive intelligence tool.

Klue, a provider of competitive intelligence software, has become the target of a successful cyber attack. Attackers gained access to data from customer organizations, particularly including Salesforce and LastPass users. Reliable information on the exact scale of affected records is not yet available.

For a CISO, this incident has several critical implications: First, it demonstrates once again that even specialized B2B SaaS platforms with an established customer base are attack targets. Second, it becomes clear that integrations with other major services (Salesforce, LastPass) expand the attack surface – credentials or API keys could have been compromised indirectly. Third, affected organizations must monitor their Salesforce environments and LastPass accounts for suspicious activity.

As an immediate measure, security teams should verify whether their own organization uses or deploys Klue. If so: password changes, review of API authentication, and monitoring for anomalous access are required. In parallel, it should be clarified which data types leaked from the Klue instance – such as configuration data, API credentials, or customer lists.


Source: www.golem.de · Published 24 June 2026
Lumi AI News — AI-assisted curation in accordance with Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.

Share on: