LastPass disclosed that hackers accessed customer data in its Salesforce environment after stealing OAuth tokens in a Klue supply chain attack. The company said its products and vaults were not affected, but exposed details could be used in phishing and social engineering campaigns, and the attack has been linked to the Icarus extortion group. #LastPass #Klue #Icarus #Salesforce #Gong
Key points
- LastPass says attackers accessed customer data through its Salesforce environment.
- The breach stemmed from stolen OAuth tokens in a Klue supply chain attack.
- LastPass products, services, infrastructure, and customer vaults were not affected.
- Exposed data may include names, phone numbers, email addresses, physical addresses, and support case details.
- The incident is linked to the Icarus extortion group, and LastPass has rotated tokens and notified law enforcement.