Competitive intelligence platform Klue recently disclosed that its systems were breached through the exploitation of a credential stolen by unauthorized actors in 2022. This access token, initially issued for a limited pilot program, was never revoked by Klue, leaving a critical vulnerability active for years. Threat actors leveraged this unexpired credential to infiltrate a system holding sensitive encryption keys and other essential components required for accessing customer data. The attackers' successful use of this long-dormant credential led directly to unauthorized access and subsequent breaches of customer information stored within Klue's infrastructure [1]. Klue has not provided a rationale for why the credential remained active post-pilot, which highlights a significant oversight in security protocols. This incident underscores the severe implications of failing to implement rigorous credential lifecycle management, especially the timely revocation of access for temporary or completed initiatives, which can leave organizations exposed to persistent threats from advanced adversaries.