{"id":735223,"date":"2026-06-24T13:30:38","date_gmt":"2026-06-24T10:30:38","guid":{"rendered":"https:\/\/buradabiliyorum.com\/en\/klue-says-hackers-stole-credential-from-2022-that-led-to-customer-data-breaches\/"},"modified":"2026-06-24T13:30:38","modified_gmt":"2026-06-24T10:30:38","slug":"klue-says-hackers-stole-credential-from-2022-that-led-to-customer-data-breaches","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/klue-says-hackers-stole-credential-from-2022-that-led-to-customer-data-breaches\/","title":{"rendered":"Klue says hackers stole credential from 2022 that led to customer data breaches"},"content":{"rendered":"<div>\n<p id=\"speakable-summary\" class=\"wp-block-paragraph\">Market research company Klue has confirmed that a credential dating back to 2022, which was part of a limited pilot, was used by hackers earlier this month to steal reams of data from its corporate customers, including several cybersecurity companies.<\/p>\n<p class=\"wp-block-paragraph\">The new detail suggests that Klue may have had years to decommission the credential that was used for the pilot, raising questions about the company\u2019s security posture and what actions it could have taken to prevent the breaches of its customers\u2019 data.<\/p>\n<p class=\"wp-block-paragraph\">The hack at Vancouver-based Klue, which it detected on June 12 and first disclosed last Friday, allowed hackers to steal data from a number of its customers, including password manager maker LastPass and several other cybersecurity companies. The hackers used their access to Klue\u2019s systems, which store the keys \u2014 known as OAuth tokens \u2014 to access their customers\u2019 data stored in other clouds and databases, to <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">download<\/a> that data, and extort the companies.<\/p>\n<p class=\"wp-block-paragraph\">Klue spokesperson Katie Berg told TechCrunch that the company\u2019s investigation so far indicates that the credential used by the hackers to steal customers\u2019 data \u201cwas originally provided to a third-party in 2022, for a limited pilot.\u201d<\/p>\n<p class=\"wp-block-paragraph\">When asked by TechCrunch, Klue would not explain the purpose of the pilot, how long it ran, or identify the third-party that the company gave the credential to.\u00a0Klue also did not share why the credential wasn\u2019t revoked following the conclusion of the pilot.<\/p>\n<p class=\"wp-block-paragraph\">Klue did not respond to follow-up emails about the incident before publication.<\/p>\n<p class=\"wp-block-paragraph\">Questions remain about the incident as the company says its investigation is continuing.<\/p>\n<p class=\"wp-block-paragraph\">Klue hasn\u2019t said what kind of credential was stolen, only stating <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/klue.com\/blog\/an-update-on-recent-klue-security-incident\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">in a blog post<\/a> that it was a \u201clegacy credential associated with an integration service.\u201d Klue also would not say whether the credential was an employee\u2019s username and password, for example, or if the company believes the credential was stolen from the third-party rather than from its own systems.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">These details may be crucial to understanding how the breach was carried out \u2014 and how to prevent a repeat incident.<\/p>\n<p class=\"wp-block-paragraph\">Klue\u2019s statement to TechCrunch added that the company is \u201cconducting a comprehensive review of credential management, vendor-access controls, monitoring capabilities, and deployment security processes,\u201d offering no further details.<\/p>\n<p class=\"wp-block-paragraph\">A hacking group called Icarus took credit for the breach on its data leak site, and has publicly threatened to release the stolen data if its ransom isn\u2019t paid.<\/p>\n<p class=\"wp-block-paragraph\">Klue has not said if it has had contact with the hackers, or if it plans to pay their demands.<\/p>\n<p class=\"wp-block-paragraph\"><em>Do you know more about the Klue cyberattack? Are you a company affected by the breach? We would love to hear from you. To contact Zack Whittaker securely, reach out via Signal at username zackwhittaker.1337<\/em>.<\/p>\n<\/div>\n<p><em>When you purchase through links in our articles, we may earn a small commission. This doesn\u2019t affect our editorial independence.<\/em><\/p>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMN63nwsw68G3Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/buradabiliyorum.com\/en\/category\/technology\/\" target=\"_blank\" >Technology<\/a><\/span> category.<\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/techcrunch.com\/2026\/06\/23\/klue-says-hackers-stole-credential-from-2022-that-led-to-customer-data-breaches\/\" target=\"_blank\" >Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Market research company Klue has confirmed that a credential dating back to 2022, which was part of a limited pilot, was used by hackers earlier this month to steal reams of data from its corporate customers, including several cybersecurity companies. The new detail suggests that Klue may have had years to decommission the credential that&#8230;<\/p>\n","protected":false},"author":1,"featured_media":735224,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/techcrunch.com\/wp-content\/uploads\/2022\/03\/keys-red-lock-key-1.jpg?resize=1200,800","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[152216,70375,72458,162964,72287],"class_list":["post-735223","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology","tag-cyberattack","tag-cybersecurity","tag-data-breach","tag-klue","tag-security"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/735223","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=735223"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/735223\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/735224"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=735223"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=735223"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=735223"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}