Security Advisory: HackerOne's Response to the Klue Breach

Earlier this week, HackerOne was made aware that Klue, a third-party market intelligence vendor, experienced a security breach that allowed CRM data to be exfiltrated from the systems of Klue's customers, including HackerOne. Through Klue's OAuth integration with our Salesforce instance, an unauthorized party accessed and copied a set of CRM data. This supply chain incident affected multiple organizations. The impact did not extend to HackerOne's products or infrastructure, which remain secure and fully operational.

What data was affected?

The data maintained in our CRM and potentially compromised relates to business relationships and sales activity, including business contact information, such as email addresses and phone numbers, and sales account and opportunity records.

Under HackerOne's strict data segmentation policies and controls, no customer vulnerability data is permitted in our CRM systems. Further, our preliminary forensic investigation has found no indication that any such data was accessed.

What steps we have taken

Upon learning of the incident, HackerOne took the following steps:

  • Disconnected the Klue integration and confirmed access to our Salesforce data has been disabled
  • Audited credentials and access logs, and confirmed the exposure was isolated to our Salesforce instance
  • Conducted a forensic investigation to ensure the full scope of the event is understood and contained
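The access-log audit and the "confirmed access disabled" check from the steps above, as an added example that is not HackerOne's or Klue's code: it runs over constructed rows shaped like Salesforce LoginHistory records and assumes the vendor's connected-app name ("VendorIntegration") and its documented egress IPs are known.

```python
"""Audit Salesforce LoginHistory-style rows for a third-party OAuth connected app."""
from collections import Counter
from datetime import datetime, timezone

# LoginHistory labels OAuth connected-app logins with this LoginType value.
OAUTH_LOGIN_TYPE = "Remote Access 2.0"

def _row(app, login_type, ip, when, user="005xx000000AAAA"):
    return {"Application": app, "LoginType": login_type, "SourceIp": ip,
            "Status": "Success", "LoginTime": when, "UserId": user}

# Constructed sample export (RFC 5737 documentation addresses); not real data.
# "VendorIntegration" is a placeholder for the connected app under review.
SAMPLE_LOGINS = [
    _row("Browser", "Application", "203.0.113.10", "2024-02-01T09:00:00Z"),
    _row("VendorIntegration", OAUTH_LOGIN_TYPE, "198.51.100.7", "2024-02-01T09:05:00Z"),
    _row("VendorIntegration", OAUTH_LOGIN_TYPE, "192.0.2.44", "2024-02-03T02:17:00Z"),
    _row("VendorIntegration", OAUTH_LOGIN_TYPE, "192.0.2.44", "2024-02-03T02:18:00Z"),
    _row("VendorIntegration", OAUTH_LOGIN_TYPE, "198.51.100.7", "2024-02-05T10:00:00Z"),
]

def parse_time(stamp):
    return datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def app_logins(rows, app):
    """Successful OAuth (connected-app) logins attributed to `app`."""
    return [r for r in rows if r["Application"] == app
            and r["LoginType"] == OAUTH_LOGIN_TYPE and r["Status"] == "Success"]

def unexpected_sources(rows, app, known_ips):
    """Count `app` logins per source IP outside the vendor's documented egress set.
    An entry here is a lead for the forensic timeline, not proof of compromise."""
    return Counter(r["SourceIp"] for r in app_logins(rows, app)
                   if r["SourceIp"] not in known_ips)

def logins_after_revocation(rows, app, revoked_at):
    """Logins by `app` after the integration was disconnected.
    A non-empty result means a token is still valid and access is NOT disabled."""
    cutoff = parse_time(revoked_at)
    return [r for r in app_logins(rows, app) if parse_time(r["LoginTime"]) > cutoff]

if __name__ == "__main__":
    known = {"198.51.100.7"}
    print("unexpected sources:",
          dict(unexpected_sources(SAMPLE_LOGINS, "VendorIntegration", known)))
    late = logins_after_revocation(SAMPLE_LOGINS, "VendorIntegration", "2024-02-04T00:00:00Z")
    print("logins after revocation:", len(late))
```

The same filters apply to a SOQL export of LoginHistory with those fields; the revocation check is the part to re-run after disconnecting the app, since a surviving refresh token shows up as a login after the cutoff.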

Our forensic analysis aligns with findings reported by Huntress and other affected organizations. Further details on the broader incident are available in Huntress's investigation.

Recommended actions

Because business contact information may have been exposed, we encourage you to stay cautious about unsolicited outreach. HackerOne will never contact anyone by phone or email to request credentials or sensitive information. If something appears suspicious, trust that instinct and reach out to us directly at security@hackerone.com before taking any action.

We will continue to monitor for new information and provide updates if our understanding of the scope or impact changes.