BeyondTrust, LastPass Impacted by Klue-Salesforce Incident
Summary
Over a dozen companies, including BeyondTrust and LastPass, have had their data stolen from Salesforce instances. The data theft occurred following a security incident involving Klue, a platform that integrates with Salesforce.
IFF Assessment
FOE
The incident highlights a supply chain risk and data exposure affecting multiple organizations, which is detrimental to defenders.
Defender Context
This incident underscores the importance of supply chain security, particularly for third-party integrations. Defenders need to be vigilant about the security practices of vendors and partners, and implement robust monitoring and incident response plans to mitigate the impact of such breaches.