HackerOne Affected by Klue Supply Chain Attack

Key points

• Supply chain attack via Klue, a third-party vendor.
• Salesforce data accessed using compromised OAuth tokens.
• Exfiltrated data: sales account data, business contact information (names, email addresses, job titles, phone numbers).

This analysis groups the signal by industry, likely incident action and impacted security area. It helps compare this signal with other published signals without treating the labels as final determinations.

Affected organization

Hackerone

Sector: Information

Likely country: Location not provided

Estimated

Threat source

Hacking activity

Watch internet-facing systems, credential abuse and exploit activity.

• Source type: outside the affected organization

Business impact

Potential data exposure

Impact area: Confidentiality

Likely asset: User or customer data

Trend context

53 signals with similar action pattern

• 23 signals in the same sector
• 68 signals with the same likely impact area
• 1 signal linked to this organization/domain

Mentioned entities

HackeroneData DisclosureHackerOne AffectedKlue Supply Chain Attack CybersecurityHackerOneKlueSalesforceOAuthSupplyExfiltrated

External sources

• More Cybersecurity Firms Disclose Impact From Klue Hackhttps://www.securityweek.com/more-cybersecurity-firms-disclose-impact-from-klue-hack/Public source from securityweek.com.
• BeyondTrust, LastPass Impacted by Klue-Salesforce Incidenthttps://www.securityweek.com/beyondtrust-lastpass-impacted-by-klue-salesforce-incident/Public source from securityweek.com.

Related signals

Grouped by why the signal is relevant.

Snyk·Jun 24, 2026

Same sectorSame action patternSame impact area

Snyk Affected by Klue Supply Chain Data Breach

Developer security platform Snyk was impacted by the Klue supply chain attack, which led to unauthorized access to customer data within Salesforce environments. The attack leveraged compromised OAuth tokens from the Klue platform.

Insurity·Jun 24, 2026

Same sectorSame action patternSame impact area

Insurity Customer Data Exposed in Klue Supply Chain Attack

Insurity, a leading provider of cloud-based software for insurance carriers, was impacted by the Klue supply chain attack. The incident involved unauthorized access to customer data within Salesforce environments, due to compromised OAuth tokens from the Klue platform.

Onetrust·Jun 24, 2026

Same sectorSame action patternSame impact area

OneTrust Customer Data Exposed in Klue Supply Chain Attack

OneTrust, a privacy, security, and governance technology company, was among the organizations affected by the Klue supply chain attack. The incident involved unauthorized access to customer data within Salesforce environments, due to compromised OAuth tokens from the Klue platform.

Huntress·Jun 24, 2026

Same sectorSame action patternSame impact area

Huntress Impacted by Klue Supply Chain Attack

Cybersecurity company Huntress was affected by the Klue supply chain attack, which resulted in unauthorized access to customer data within Salesforce environments. The attack utilized compromised OAuth tokens from the Klue platform.

Sproutsocial·Jun 24, 2026

Same sectorSame action patternSame impact area

Sprout Social Data Compromised in Klue Supply Chain Attack

Sprout Social, a social media management platform, was among the companies affected by the Klue supply chain attack. The incident led to unauthorized access to customer data within Salesforce environments, due to compromised OAuth tokens from the Klue platform. The Icarus extortion group claimed responsibility for the attack.

Jamf·Jun 24, 2026

Same sectorSame action patternSame impact area

Jamf Customer Data Exposed in Klue Supply Chain Attack

Jamf, a provider of Apple device management solutions, was impacted by the Klue supply chain attack. The incident involved unauthorized access to customer data stored in Salesforce instances, stemming from compromised OAuth tokens from the Klue platform. The Icarus extortion group claimed responsibility for the attack.