Another LastPass security breach traces back to a compromised vendor

Hackers stole OAuth tokens from third-party vendor Klue, gaining access to LastPass-connected Salesforce and Gong environments. Exposed data includes customer names, contact details, support records, physical addresses, and sales information. LastPass confirmed its own infrastructure and password vaults were not breached.