Browsing Tag
Data Breaches
3 posts
Data breach disclosure, notification, response, and public reporting coverage.
LastPass Says Klue Breach Exposed Support Case Data, Not Password Vaults
LastPass says attackers used Klue-held OAuth tokens to access customer CRM and support case data in Salesforce, while its password vaults and core infrastructure were not affected. The practical risk is targeted phishing and social engineering built from real support histories.
Klue Breach Shows How SaaS OAuth Tokens Became a Salesforce Risk
Klue’s June security incident let attackers use a legacy integration credential to obtain OAuth tokens and pull Salesforce CRM data from connected customer environments. The breach is a practical warning for teams that treat SaaS integrations as trusted background plumbing instead of monitored, scoped access paths.
Maine’s Fake Breach Notices Expose a New Weak Point in Cyber Reporting
Maine temporarily shut down public access to its breach-notice database after fake Discord and VRChat filings appeared there, showing how official transparency systems can be abused for misinformation.