LastPass confirms data theft after Klue supply chain attack

LastPass has disclosed that customer data was exposed in a cyberattack that targeted Klue, a third-party platform integrated with its Salesforce environment, and not LastPass’s own systems. The attackers reportedly exploited stolen OAuth tokens to access CRM data, exposing customer names, contact information, support case details, and sales records, but not password vaults, master passwords, or encrypted user data. LastPass said it responded quickly by revoking Klue access, rotating compromised API tokens, investigating the incident with Klue and Salesforce, and notifying law enforcement. The breach also affected several other cybersecurity companies, highlighting the growing risks of supply chain attacks and the abuse of third-party SaaS integrations. Although users’ password vaults remain secure, LastPass is advising customers to stay alert for phishing and social engineering attempts that may use the stolen contact information.
