Gong impacted by Klue supply chain attack
Gong, a company providing revenue intelligence, was impacted by the Klue supply chain attack. The incident involved unauthorized access to its Salesforce environment through compromised Klue integrations. Gong confirmed that examples of data accessed included user names, user business titles, and user emails. The company stated there was no direct impact on call recordings or customer transcripts.
Signal context
First seen: Jun 22, 2026
Last updated: Jun 24, 2026
Status: Public signal
Key points
- Supply chain attack via Klue platform.
- Klue's Salesforce integration compromised.
- Exfiltrated data: user names, user business titles, user emails.
Signal analysis
BetaIt helps compare this signal with other published signals without treating the labels as final determinations.
Likely country: Location not provided
Watch internet-facing systems, credential abuse and exploit activity.
- Source type: outside the affected organization
Impact area: Confidentiality
Likely asset: User or customer data
- 1 signal in the same sector
- 46 signals with the same likely impact area
- 1 signal linked to this organization/domain
External sources
More Cybersecurity Firms Disclose Impact From Klue Hackhttps://www.securityweek.com/more-cybersecurity-firms-disclose-impact-from-klue-hack/Public source from securityweek.com.
22nd June – Threat Intelligence Reporthttps://research.checkpoint.com/2026/22nd-june-threat-intelligence-report/Public source from research.checkpoint.com.
Related signals
Grouped by why the signal is relevant.
LastPass confirms data breach in Klue supply chain attack
LastPass announced that hackers accessed customer data from its Salesforce environment after stealing the company's OAuth tokens in a supply chain attack targeting Klue, a third-party market intelligence platform. The unauthorized actor obtained OAuth tokens from Klue, which were then used to access LastPass customer data. Exposed information includes customer names, phone numbers, email addresses, physical addresses, support case information, and sales/CRM-related data. LastPass stated that its core products, services, and infrastructure, including customer vaults, were not affected by this incident. The Icarus extortion group claimed responsibility for the Klue attack.
OneTrust impacted by Klue supply chain attack
OneTrust, a cybersecurity firm, was affected by a supply chain attack on market intelligence platform Klue. The attack compromised Klue's integration with Salesforce, leading to the exfiltration of business information from OneTrust's Salesforce CRM, including sales account data and business contact information such as names, email addresses, job titles, and phone numbers. OneTrust stated the intrusion was limited to its Salesforce instance and did not involve its internal systems.
Tanium impacted by Klue supply chain attack
Tanium, a cybersecurity firm, was affected by a supply chain attack on market intelligence platform Klue. The attack compromised Klue's integration with Salesforce, leading to the exfiltration of business information from Tanium's Salesforce CRM, including sales account data and business contact information such as names, email addresses, job titles, and phone numbers. Tanium stated the intrusion was limited to its Salesforce instance and did not involve its internal systems.
Snyk impacted by Klue supply chain attack
Snyk, a cybersecurity firm, was affected by a supply chain attack on market intelligence platform Klue. The attack compromised Klue's integration with Salesforce, leading to the exfiltration of business information from Snyk's Salesforce CRM, including sales account data and business contact information such as names, email addresses, job titles, and phone numbers. Snyk stated the intrusion was limited to its Salesforce instance and did not involve its internal systems.
Jamf impacted by Klue supply chain attack
Jamf, a cybersecurity firm, was affected by a supply chain attack on market intelligence platform Klue. The attack compromised Klue's integration with Salesforce, leading to the exfiltration of business information from Jamf's Salesforce CRM, including sales account data and business contact information such as names, email addresses, job titles, and phone numbers. Jamf stated the intrusion was limited to its Salesforce instance and did not involve its internal systems.
Huntress impacted by Klue supply chain attack
Huntress, a cybersecurity firm, was affected by a supply chain attack on market intelligence platform Klue. The attack compromised Klue's integration with Salesforce, leading to the exfiltration of business information from Huntress's Salesforce CRM, including sales account data and business contact information such as names, email addresses, job titles, and phone numbers. Huntress suggested that a threat actor named Icarus might have been responsible for the attack.