Security · 1h ago
Klue Breach Traced to Stale Credential from 2022 Pilot
Klue disclosed that hackers stole a credential from a 2022 pilot program, which was never revoked, and used it to access a system holding keys to customer data. The breach led to unauthorized access to customer information, though the full scope remains unclear. The incident highlights risks of orphaned credentials lingering in enterprise environments.
Meridian48 take
The real story isn't the breach itself but the security hygiene failure—a credential left active for years is a ticking time bomb, and Klue's silence on why it wasn't revoked raises questions about their access management practices.
Read the full reporting
Klue says hackers stole credential from 2022 that led to customer data breaches →
TechCrunch
data-breachcredential-theft