Incident
Klue Breach that Allowed Data Exfiltration from Salesforce
Affected services:
General
Thinkproject has been made aware of a security incident involving Salesforce and Klue (a third-party services provider that had authorized access to our UAT (User Acceptance Testing) CRM environment through a software integration). We are currently investigating this as it may affect certain business contact data stored in our systems.
As of this time, the exfiltrated data may include business contact information relating to individual employees of customers who have been in contact with Thinkproject, such as names, email addresses, job titles or roles, as well as certain commercial information.
No Thinkproject products or services were affected at any point. Our CRM system is completely separate from the Thinkproject product platform used by our customers and is not connected to it.
As a precaution, we would like to ask Thinkproject customers to exercise particular caution when receiving emails, phone calls, or other forms of contact, especially if:
• unusual or unexpected requests are made,
• you are asked to disclose confidential information,
• you are notified of payment instructions or changes to bank account information, or
• links or attachments are included whose origin cannot be verified beyond a doubt.
Please review such requests carefully and, if in doubt, use the communication channels you are familiar with to verify their authenticity.
We are working to investigate the matter as a high priority and have taken additional measures to secure our systems. Should further relevant findings emerge from the ongoing investigations, we will provide further updates on this page.
If you have any questions, please feel free to contact our representative at hello@thinkproject.com.
As of this time, the exfiltrated data may include business contact information relating to individual employees of customers who have been in contact with Thinkproject, such as names, email addresses, job titles or roles, as well as certain commercial information.
No Thinkproject products or services were affected at any point. Our CRM system is completely separate from the Thinkproject product platform used by our customers and is not connected to it.
As a precaution, we would like to ask Thinkproject customers to exercise particular caution when receiving emails, phone calls, or other forms of contact, especially if:
• unusual or unexpected requests are made,
• you are asked to disclose confidential information,
• you are notified of payment instructions or changes to bank account information, or
• links or attachments are included whose origin cannot be verified beyond a doubt.
Please review such requests carefully and, if in doubt, use the communication channels you are familiar with to verify their authenticity.
We are working to investigate the matter as a high priority and have taken additional measures to secure our systems. Should further relevant findings emerge from the ongoing investigations, we will provide further updates on this page.
If you have any questions, please feel free to contact our representative at hello@thinkproject.com.
Jun 19, 4:13 PM