Close Menu
iNews Zoombangla
  • Bangladesh
  • World
  • Tech
  • Business
  • Sports
  • Entertainment
  • Bangla
Facebook X (Twitter) Instagram
iNews Zoombangla
  • Bangladesh
  • World
  • Tech
  • Business
  • Sports
  • Entertainment
  • Bangla
iNews Zoombangla
Home English Business Technology Cyber Security Hackers Steal Salesforce CRM Data Through Klue Integration Breach
Business Cyber Security English Technology

Hackers Steal Salesforce CRM Data Through Klue Integration Breach

By Esrat Jahan IsfaJune 21, 20262 Mins Read

An extortion group calling itself Icarus has stolen customer relationship management data from enterprise companies by exploiting a third-party integration that connects the competitive intelligence platform Klue to Salesforce.

Salesforce Klue data breach

Advertisement

The attack began on June 11, when the threat actors gained access to Klue’s backend infrastructure using a dormant API credential originally created for an abandoned internal project. They used that foothold to push a code update that silently harvested OAuth tokens customers use to connect Klue to their Salesforce environments. Automated scripts then pulled bulk CRM records through legitimate API channels, avoiding the traffic patterns that typically trigger security alerts.

Salesforce disabled the Klue Battlecards app integration across all affected customer environments after detecting unusual activity. The cybersecurity firm Huntress was among the companies confirmed as affected. Huntress attributed the attack to Icarus based on matching Session Messenger identifiers found in extortion emails and on the group’s dark-web leak site.

The method used here reflects a trend in enterprise attacks. Adversaries increasingly target vendor integrations rather than the primary platform itself, where defenses tend to be stronger. OAuth token abuse through trusted third-party apps has become a reliable entry point for actors targeting large organizations.

The Icarus group has been active since late April 2026, operating a dark-web leak site and targeting companies through software supply chain vulnerabilities. Several enterprises have reported receiving extortion demands since June. Affected organizations are advised to audit active Salesforce integrations, rotate any OAuth credentials tied to Klue, and review API access logs starting from June 11.

Cybersecurity threats have escalated across enterprise software this year. Microsoft warned earlier about the CryptoBandits malware campaign targeting crypto wallets through USB drives. Google DiffusionGemma and other AI tools have also become targets for adversaries probing enterprise AI pipelines. The Apple and Google partnership on iOS 27’s Siri AI is prompting security researchers to examine new AI-integrated attack surfaces.

Klue has not issued a full public statement detailing the scope of data exposed. The company builds competitive intelligence tools used by enterprise sales and marketing teams, meaning the stolen CRM data may include prospect information, deal pipeline details, and customer contact records.

The full scale of the breach is still being assessed. Affected companies have been notified by Salesforce. Huntress published a detailed technical investigation on its blog, including indicators of compromise and guidance for organizations running the Klue integration.

fXinmwalink@tg
Zoom Bangla News
Zoom Bangla News
inews.zoombangla.com
Follow

Follow iNews Zoombangla On Google

Open the Google follow page and tap the checkmark option to receive more updates from iNews Zoombangla in your Google news feed.

Follow iNews Zoombangla On Google
Cybersecurity Data Breach Icarus hackers Klue Salesforce
Esrat Jahan Isfa

    Esrat Jahan Isfa is a journalist at Zoom Bangla News, contributing to news writing and editorial support. She is involved in refining content to ensure accuracy, clarity, and readability for digital audiences. Her work reflects a strong commitment to responsible journalism and quality reporting.

    Related Posts
    Ted Lasso stars turn Argentina's World Cup game

    Ted Lasso stars turn Argentina’s World Cup game into a Kansas City event

    July 13, 2026
    Royal Box stays at the center of Wimbledon final-day coverage

    Royal Box stays at the center of Wimbledon final-day coverage

    July 13, 2026
    Prince William and Kate bring royal attention back to Wimbledon

    Prince William and Kate bring royal attention back to Wimbledon

    July 13, 2026

    Latest News

    Ted Lasso stars turn Argentina's World Cup game

    Ted Lasso stars turn Argentina’s World Cup game into a Kansas City event

    Royal Box stays at the center of Wimbledon final-day coverage

    Royal Box stays at the center of Wimbledon final-day coverage

    Prince William and Kate bring royal attention back to Wimbledon

    Prince William and Kate bring royal attention back to Wimbledon

    Jannik Sinner's Wimbledon

    Jannik Sinner’s Wimbledon win keeps the title race in his hands

    England's World Cup

    England’s cable controversy becomes part of the World Cup story

    England scores after a cable scare and keeps World Cup drama alive

    হল্যান্ড

    Haaland leaves the World Cup with a bigger online footprint than ever

    Wimbledon 2026

    Wimbledon final day keeps the UK tennis audience locked in

    Ben Stiller keeps Wimbledon celebrity attention in the Royal Box

    Ben Stiller keeps Wimbledon celebrity attention in the Royal Box

    Motorola Edge 70 Max India launch

    Motorola Edge 70 Max launch in India brings fresh smartphone interest

     

    Inews

    iNews Zoombangla is your trusted destination for fast, accurate, and relevant English news. We cover Bangladesh, world affairs, technology, business, sports, entertainment, lifestyle, science, and research for English-language readers. iNews Zoombangla is the English news edition of ZooBangla.

    • About Us
    • Contact Us
    • Career
    • Advertise
    • DMCA
    • Privacy Policy
    • Feed
    • Authors
    • Editorial Team Info
    • Ethics Policy
    • Correction Policy
    • Fact-Checking Policy
    • Funding Information
    © 2026 ZoomBangla Pvt Ltd. - Powered by ZoomBangla

    Type above and press Enter to search. Press Esc to cancel.

    tgXwa