Klue hack used 2022 credential to steal customer data

Market research company Klue confirmed a credential from a 2022 limited pilot was used by hackers earlier this month to steal customer data, including from LastPass and other cybersecurity firms. The credential, which stored OAuth tokens, allowed access to customers' cloud databases. Klue has not explained why the credential was not revoked after the pilot ended.