Customer CRM Data Accessed in Supply Chain Incident
Essential information
- Published: 23/06/2026 18:31
- Modified: —
- Source / Author: AlienVault
- Confidence: 100/100
- Report type(s): threat-report
- Labels / Tags: crm data breach klue lastpass oauth tokens phishing risk salesforce supply chain attack third-party vendor compromise
- Related entities: 3 indicators, 3 observables, 20 techniques (mitre)
Description
LastPass experienced a security incident through Klue, a third-party market intelligence platform integrated with its Salesforce and Gong systems. On June 12, 2026, LastPass was notified that an unauthorized actor exploited stolen OAuth tokens held by Klue to access customer relationship management data within LastPass's Salesforce environment. The exposed information includes customer names, email addresses, phone numbers, physical addresses, support case data, and sales records. Multiple Klue customers were affected by this supply chain attack. LastPass confirmed no Gong data was accessed, and customer vaults, master passwords, and encrypted vault data remain unaffected. The company has terminated Klue access, rotated compromised API tokens, and is cooperating with law enforcement while warning customers about potential phishing attempts using the exposed contact information.