Scope of Salesforce Attacks Expands as Icarus Leaks Data

A

Admin User

Administrator of InfoSecCenter. Passionate about cybersecurity, information security, and technology.

Save

A recent wave of cyberattacks targeting Salesforce environments has expanded significantly as threat actors, operating under the moniker "Icarus," have reportedly leaked additional data obtained through compromised third-party integrations. The incident highlights a growing concern over supply chain vulnerabilities in cloud ecosystems and the cascading effects that can occur when a single trusted vendor is breached.

The breach originated when attackers infiltrated Klue, a competitive intelligence platform that integrates with Salesforce via OAuth tokens. These tokens, which serve as digital keys granting limited access between applications, were subsequently exploited to access and exfiltrate sensitive Salesforce customer data. What initially appeared to be an isolated incident has now revealed a much broader victim pool, as additional organizations come forward to confirm potential data exposure. The affected entities include various Salesforce customers who had established integrations with Klue, potentially exposing proprietary business

Share

Shares: 0
LinkedIn WhatsApp Pinterest Print

You might also like

Comments (0)

Leave a Comment

No comments yet. Be the first to comment!