HIGH · Cyber Intelligence · Wednesday, June 24, 2026

LastPass breached via stolen OAuth tokens in Klue supply chain attack

Hackers accessed customer data from LastPass's Salesforce environment after compromising OAuth credentials through third-party vendor Klue earlier this month.

LastPass confirmed that attackers accessed customer data stored in its Salesforce environment following a supply chain compromise at Klue, a competitive intelligence platform. The breach occurred after hackers stole OAuth tokens that granted access to LastPass's Salesforce instance.

The incident stems from a broader supply chain attack targeting Klue, which provides sales intelligence services to multiple enterprise clients. LastPass disclosed that the stolen OAuth tokens allowed unauthorized access to customer information held within its Salesforce deployment, though the company has not specified the volume or sensitivity of exposed data.

This marks the latest security incident for LastPass, which has faced scrutiny over previous breaches. The company's reliance on third-party vendors for business operations created an attack surface that threat actors successfully exploited. OAuth tokens, which enable applications to access services without exposing passwords, have become a preferred target for sophisticated threat actors because they can provide persistent access to cloud environments.

Implications
  • 01 LastPass customers face potential exposure of account metadata and business information held in Salesforce.
  • 02 Organizations using Klue must audit OAuth token grants and review access logs for anomalies.
  • 03 Enterprises relying on third-party SaaS integrations should reassess vendor security postures and token management.
  • 04 Security teams should inventory OAuth grants across cloud platforms and implement token rotation policies.
Source
BleepingComputer
https://www.bleepingcomputer.com/news/security/lastpass-confirms-data-breach-in-klue-supply-chain-attack/
Brief is editorial commentary by Atlas Intelligence based on the cited public reporting. Atlas does not reproduce source text. Verify primary source before action.