Major Cyberattack at Klue: Hackers Gained Access via 2022 Credentials

·39·Technology
Major Cyberattack at Klue: Hackers Gained Access via 2022 Credentials

Klue, a market analysis company, has officially confirmed a major cyberattack caused by outdated access credentials dating back to 2022. Due to this security flaw, hackers managed to obtain confidential information of many corporate clients, including world-renowned cybersecurity organizations. This was reported by Techcrunch.com news states.

Although the Vancouver-based company Klue detected the attack on June 12, the details are only now being disclosed. It appears that hackers used an access key provided to a third party for a limited pilot project in 2022. This situation has raised serious questions about the weakness of the company's security system and its processes for timely deletion of outdated data.

Cybersecurity Giants Targeted

The fact that the victims include the popular password manager LastPass and several large cybersecurity firms demonstrates the severity of the situation. By stealing special keys called OAuth tokens from the Klue system, hackers gained access to clients' other cloud storage repositories and databases.

In an interview with TechCrunch, Klue representative Katie Berg stated that the stolen data belonged to a third party, but did not disclose which partner or project was involved. Furthermore, it remains unclear why this access credential was not revoked after the pilot project ended.

Investigation and Future Measures

The company is currently describing the incident on its blog as the theft of "legacy credentials related to an integration service." Experts believe that if Klue had removed these outdated credentials from the system in a timely manner, such a large-scale data leak could have been prevented.

The company announced that it is currently conducting a comprehensive review in the following areas:

  • Reviewing the access credential management system;
  • Strengthening control mechanisms for external vendors;
  • Expanding system monitoring capabilities;
  • Optimizing security implementation processes.

This event should serve as an important lesson for IT professionals and the corporate sector in Uzbekistan. Outdated logins and passwords, especially temporary credentials granted for third-party projects, often become the weakest point. The fact that a major international platform like Klue made such a mistake proves once again how vital the principle of "constant vigilance" is in digital security.

KlueCybersecurityHackersLastPassData Breach
Add Zamin.uz to GoogleRead "Zamin" on Telegram!
Nodirbek Razzokov
«ZAMIN.UZ» editor
Discuss with Zamin AIAnalyze the news, get useful answers

Comments 0

Related news

EcoFlow Introduces Smart Energy Saving System: Stream 5000 and OASIS 3.0 PlatformEcoFlow Introduces Smart Energy Saving System: Stream 5000 and OASIS 3.0 PlatformToday, 02:23Rosatom Plans to Build Large Plant for Next-Generation Nuclear PowerRosatom Plans to Build Large Plant for Next-Generation Nuclear PowerToday, 01:56AI Accused of Artificially Inflating Gas Prices in the USAI Accused of Artificially Inflating Gas Prices in the USToday, 01:29AI in the Service of Nature: Meet the Kiwibit Smart Bird FeederAI in the Service of Nature: Meet the Kiwibit Smart Bird FeederToday, 01:24Fujifilm Introduces New Instax Wide 400: Analog Photos in a Wider FormatFujifilm Introduces New Instax Wide 400: Analog Photos in a Wider FormatToday, 01:23Honor Smartphones to Get Secret Feature of Samsung Galaxy S26 UltraHonor Smartphones to Get Secret Feature of Samsung Galaxy S26 UltraToday, 00:53
AnnouncementsPartnership
Playmatch: Simplifying Operations for Pitch Owners
Playmatch: Simplifying Operations for Pitch Owners
Playmatch: All Necessary Football Services in One App
Playmatch: All Necessary Football Services in One App
How are investment decisions made in conditions of high uncertainty?
How are investment decisions made in conditions of high uncertainty?
How to choose a card for daily expenses?
How to choose a card for daily expenses?
Eldor Shomurodov Football Academy and TBC Bank: From childhood dreams to big football
Eldor Shomurodov Football Academy and TBC Bank: From childhood dreams to big football
Advantages of OSGOP insurance for drivers and carriers
Advantages of OSGOP insurance for drivers and carriers
Another creativity from Pure Milky: Every step - with love for dear people!
Another creativity from Pure Milky: Every step - with love for dear people!
Where should you work to increase your chances of getting a loan
Where should you work to increase your chances of getting a loan

Most read Technology news

First iPhone 18 Design Leaked: Apple Opts for Unexpected Look
First iPhone 18 Design Leaked: Apple Opts for Unexpected Look
Why can't Google's AI spell its own name correctly?
Why can't Google's AI spell its own name correctly?
Honor 600 Pro Launched in China: 200MP Camera and 8000mAh Battery
Honor 600 Pro Launched in China: 200MP Camera and 8000mAh Battery
Samsung Galaxy S23 users face issues after One UI 8.5 update
Samsung Galaxy S23 users face issues after One UI 8.5 update
Galaxy S23, S24, and S25 Ultra Models Lose One UI 8.5 Features
Galaxy S23, S24, and S25 Ultra Models Lose One UI 8.5 Features
iPhone 18 Pro colors revealed: Dark Cherry becomes the main trend
iPhone 18 Pro colors revealed: Dark Cherry becomes the main trend
Strong Magnetic Storm Begins on Earth
Strong Magnetic Storm Begins on Earth
8000 mAh battery and 200 MP Leica camera: Xiaomi 17 Max released
8000 mAh battery and 200 MP Leica camera: Xiaomi 17 Max released