LastPass Confirms Customer Data Breach via Klue Supply Chain Attack

LastPass confirmed a customer data breach resulting from the Klue supply chain incident, where an unauthorized actor exploited a stolen OAuth token. The breach involved unauthorized access to LastPass systems via Klue, a third-party vendor integrated with Salesforce. No specific dates, technical details, or CVE IDs were disclosed in the incident. The attack led to the exposure of customer data, though the exact scope of impacted information remains unspecified. LastPass acknowledged the breach but did not provide further details on mitigation or response actions.