Klue-Salesforce Breach Hits BeyondTrust, LastPass

A data breach involving Klue's integration with Salesforce has compromised customer data, with security vendors BeyondTrust and LastPass among the confirmed victims. The incident, disclosed by SecurityWeek, stems from unauthorized access to Salesforce environments linked to Klue, a competitive intelligence platform.

Over a dozen Klue customers have now confirmed that hackers stole data from their Salesforce instances. The full scope remains under investigation, but the inclusion of BeyondTrust and LastPass—both cybersecurity companies—elevates concerns about the sensitivity of the exposed information.

Technical specifics of the attack vector and the exact data exfiltrated have not been publicly detailed. Affected organizations are likely working with their security teams to determine the extent of the compromise, with indicators of compromise not yet widely shared.

Klue has not released an official patch or mitigation timeline. Affected customers are advised to review Salesforce access logs, rotate credentials, and audit any integrations with third-party platforms. Salesforce itself has not issued a separate statement on the incident.

While no threat actor has claimed responsibility, the breach underscores the cascading risks of interconnected enterprise platforms. Organizations relying on Klue should monitor for further disclosures and implement additional access controls as a precaution.