Data Breach Roundup (June 19-25)

Klue hack results in data breach at several cybersecurity firms

An update to a story from last week: "marketing intelligence provider" Klue suffered a data breach that allowed attackers to steal data from the company's customers, such as HackerOne, OneTrust, Jamf, and many more. The stolen data appears to primarily be Salesforce databases and similar formats, including data like names, email addresses, phone numbers, job titles, and some account information of their customers, according to the various affected companies. It's worth noting that Klue's announcement of the incident included a noindex tag to prevent it from showing up in search engines.

LastPass confirms data breach in Klue supply chain attack

LastPass is one of the first companies to admit to falling victim downstream to the Klue breach. Exposed data included customer names, phone numbers, mail addresses, physical addresses, support case information, and sales/CRM-related data. It's unclear how many individuals or records were impacted.

Healthtech firm Xolis suffers data breach impacting 1.4 million people

Xolis is a US-based company "that develops AI-powered software used by more than 600 hospitals and health insurers for utilization management, medical necessity reviews, patient status determinations, discharge planning, and reimbursement decisions." This breach was the result of a phishing attack in January and impacted names, addresses, dates of birth, health insurance information, Social Security numbers, and medical treatment information.

Meta's Keystroke-Logging Employee AI Training Program on Pause After Internal Data Leak

A few weeks ago, Meta announced what was effectively a keylogger on all employee's work computers to help better train AI with tasks like general navigation of a desktop environment. Predictably with Meta's comically long list of data breaches in their past, this has resulted in an internal leak exposing keystrokes, private conversations, and transcripts.

Polymarket says hackers stole users’ funds

Gambling app Polymarket has fallen victim to a supply chain attack in which a third-party breach impacted their users. The incident was the result of a phishing campaign and caused about $3 million in cryptocurrency losses. Polymarket says it is reimbursing impacted users.

Polymarket says hackers stole users’ funds | TechCrunch

The prediction market giant Polymarket said it’s refunding users who had funds stolen due to a third-party breach.

TechCrunchLorenzo Franceschi-Bicchierai

Nearly a million passports just exposed on the public internet—and anyone could access them with a simple URL

This appears to be a collection of exposed databases from around Europe. It was discovered by The Verge and remained online for months before being taken down. It's unclear if anyone malicious accessed the documents during this window, but we always advocate for assuming the worst in these cases.