More Cybersecurity Firms Disclose Impact From Klue Hack

Klue, a market intelligence platform, was compromised via legacy credentials leading to OAuth token theft for Salesforce integrations. At least nine cybersecurity firms including HackerOne, Huntress, Recorded Future, and Snyk had customer data exfiltrated. Stolen data includes sales accounts, contacts, names, emails, and phone numbers accessible to threat actor Icarus with extortion demands.

HIGHAdvisoryJun 22, 2026

Action required

Immediately audit Salesforce OAuth token grants and revoke any connected integrations to Klue. Review Salesforce audit logs for June 11-12 and beyond for unauthorized data access or export activity. Force password reset for any accounts with Klue integrations.

Affected products

KlueSalesforceHackerOneHuntressRecorded Future

Linked articles

More Cybersecurity Firms Disclose Impact From Klue Hack

Source links

https://www.securityweek.com/more-cybersecurity-firms-disclose-impact-from-klue-hack/