Klue Battlecards is the third compromised Salesforce-integrated app through which customer data has been stolen; victims include cybersecurity firm Huntress.
An OAuth vulnerability in the Klue platform allowed attackers to gain access to Salesforce CRM data from enterprise customers and exploit it for extortion purposes.
