BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

Salesforce disables Klue app after data breach

Klue breach via legacy credential exposes customer data through stolen OAuth tokens

  • Security firm Klue suffered a breach via a legacy credential, allowing hackers to steal OAuth tokens and access customer data on integrated platforms.
  • The incident led Salesforce to disable the Klue Battlecards app integration, confirming the issue originated from the app’s connection, not its own platform.
  • Cyber extortion group Icarus compromised sales-related data from customers like Huntress, demanding contact within 48 hours.
  • The attack methodology mirrors previous third-party OAuth token abuses targeting CRM systems, highlighting a persistent security gap.
  • Klue has revoked affected tokens and launched an investigation, directly assisting impacted customers.

Salesforce disabled the Klue Battlecards app integration on June 11, 2026, after detecting unusual activity that exposed customer data, according to an alert published this week. The cloud software giant stated the security incident was limited to the app’s connection and not a vulnerability within its own platform.

- Advertisement -

Consequently, organizations cannot connect to Salesforce via the app until further notice. The company noted the action was taken because the activity may have resulted in unauthorized access to customer data.

Meanwhile, the extortion group Icarus claimed responsibility for compromising Klue and exfiltrating data from its customers. Cybersecurity company Huntress confirmed its sales-related data was copied from its Salesforce account. Huntress said the breach did not affect threat data, passwords, or payment card information.

Klue’s CEO, Jason Smith, explained the attackers gained access through a compromised legacy credential on June 12. He said the intruders used that access to obtain OAuth tokens connecting Klue to third-party platforms like Salesforce.

Subsequently, the threat actors pushed a code update to collect these tokens and directly query customer CRM tools. By June 16, some Huntress employees received emails from Icarus demanding communication within 48 hours regarding the stolen data.

- Advertisement -

Security researchers have linked this attack to a known third-party OAuth-abuse playbook. ReliaQuest analysts Thassanai McCabe and Alexa Feminella said the adversary ran automated Python scripts for bulk data retrieval over nearly 24 hours.

Klue has since revoked the affected credentials and tokens while removing unauthorized code. The company is assisting impacted customers directly as the investigation continues.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

Ethereum May Be Forming Short-Term Bottom, Says Ex-BofA Strategist

Ethereum may be forming a short-term bottom, according to a chart shared by Tom...

Tesla BTC stash plunges 66% despite Bitcoin’s 30% rally

Tesla's Bitcoin holdings have lost two-thirds of their value despite the cryptocurrency appreciating more...

Bitcoin miner AI rally draws scrutiny over insider stock sales

Publicly traded Bitcoin miners saw sharp stock gains after pivoting to AI, but insider...

New Webinar: Outpace AI Attacks with Zero Trust

AI-powered attacks, like the Mythos model, now execute in minutes what previously took attackers...

Amazon Stock Drops 13%: Should You Sell or Hold Before Earnings?

Amazon shares fell 13% into a correction amid concerns over $200 billion in capital...

Must Read

What Are Anonymous Debit Cards And How Do They Work?

You've heard about anonymous debit cards, but what are they really? Anonymous Debit Cards are cards that let you make purchases without revealing your...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading