Top stories
LastPass customer data exposed through Klue supply-chain breach
- Category: Security
- Status: confirmed
- Sources: TechCrunch, Cybersecurity Dive, report
- Summary: LastPass confirmed on 2026-06-23 that attackers accessed customer data in its Salesforce environment after OAuth tokens were stolen in a breach of Klue, a third-party market-intelligence platform it integrates with. Exposed data includes names, phone numbers, email and physical addresses, and customer-support case contents; LastPass says its products, infrastructure, and customer vaults were not affected. The Klue compromise, claimed by the Icarus extortion group via compromised legacy integration credentials, also hit Recorded Future, Tanium, Jamf, Sprout Social, Gong, and Insurity.
- Why it matters: A single SaaS integration breach cascaded OAuth-token access into many vendors' Salesforce CRMs, the recurring third-party-integration supply-chain failure mode.
- Follow-up: Track the full list of affected Klue customers and phishing follow-on using the stolen support-case data.