A significant data breach has occurred at Klue, a Vancouver-based market intelligence provider, impacting several high-profile clients in the cybersecurity sector. The cybercrime group Icarus has claimed responsibility for the attack, which allowed access to sensitive data from Klue's corporate customers. The intrusion took place on June 12 and relied on a compromised legacy credential associated with an integration tool that connects customers' cloud data to Klue's systems.
Klue reported on Friday that the attackers stole information from an undisclosed number of its clients, which include notable firms such as Gong, Jamf, HackerOne, Insurity, OneTrust, Recorded Future, Snyk, Sprout Social, and Tanium. The hackers have threatened to publish the stolen data on Monday unless a ransom is paid. Much of the compromised information consists of business contact details, including names, email addresses, phone numbers, job titles, and account data.
This incident underscores a broader trend of targeting middleware providers to access extensive data from various organizations through a single point of failure. Over the past year, there has been a rise in similar attacks on companies like Gainsight and Salesloft, highlighting the vulnerabilities associated with cloud database access.