Klue says hackers stole credential from 2022 that led to customer data breaches
Key takeaways
- The hackers used their access to Klue s systems, which store the keys — known as OAuth tokens — to access their customers data stored in other clouds and databases, to download that data, and extort the companies.
- Questions remain about the incident as the company says its investigation is continuing.
- Klue hasn t said what kind of credential was stolen, only stating in a blog post that it was a legacy credential associated with an integration service.
Market research company Klue has confirmed that a credential dating back to 2022, which was part of a limited pilot, was used by hackers earlier this month to steal reams of data from its corporate customers, including several cybersecurity companies.
The new detail suggests that Klue may have had years to decommission the credential that was used for the pilot, raising questions about the company s security posture and what actions it could have taken to prevent the breaches of its customers data.
The hack at Vancouver-based Klue, which it detected on June 12 and first disclosed last Friday, allowed hackers to steal data from a number of its customers, including password manager maker LastPass and several other cybersecurity companies. The hackers used their access to Klue s systems, which store the keys — known as OAuth tokens — to access their customers data stored in other clouds and databases, to download that data, and extort the companies.