律动BlockBeats
律动BlockBeats|Jun 24, 2026 06:24
**[Klue Security Incident Affects LastPass, CRM Data Including Customer Phone Numbers and Addresses Leaked]** BlockBeats News, June 24: Password management tool LastPass announced that it has learned of a security incident involving its third-party market intelligence platform, Klue. Hackers stole OAuth tokens belonging to multiple clients (including LastPass) held by Klue and used these tokens to access LastPass's Salesforce CRM system. This may have resulted in the exposure of certain customer names, phone numbers, email addresses, home addresses, support case details, and other business contact information and CRM data. The official statement emphasized that LastPass's products, services, infrastructure, and customer password vaults were not affected, and Gong system data was not accessed. LastPass has taken immediate measures, including revoking employee access to Klue, rotating exposed API tokens, conducting a thorough investigation, and collaborating with Klue, Salesforce, and law enforcement. Additionally, the company is sharing threat intelligence with the security community through its TIME team and strengthening future protections. Users are advised to remain vigilant against potential phishing emails, phone calls, or social engineering attacks that may exploit the leaked information. It is also important to remember that LastPass will never ask for your master password, and all official communications will be sent through trusted channels. [Original Link]
+6
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads