What happened?
Klue recently disclosed a security incident involving its platform, a third-party competitive intelligence solution that was integrated with Catchpoint’s Salesforce environment. According to Klue, attackers compromised its integration infrastructure and used stolen OAuth credentials to gain unauthorized access to data available through connected Salesforce integrations.
Upon learning of the incident, LogicMonitor immediately activated its incident response procedures and began working with Klue, Salesforce, and other relevant parties to investigate the matter. Our investigation has confirmed that unauthorized access to the Catchpoint Salesforce environment occurred. The Klue integration has since been removed, the unauthorized access has been contained, and our investigation into the full scope of the incident remains ongoing.
The incident was limited to the Catchpoint Salesforce environment. LogicMonitor’s primary Salesforce environment was not impacted.
While the investigation is ongoing, at this time the data accessed appears to be limited to business relationship and sales activity data stored in Catchpoint’s Salesforce environment. This includes business contact information, such as names, business email addresses, phone numbers, account information, sales opportunities, quotes, and other CRM records.
By design, LogicMonitor, including Catchpoint, maintains secure and logical separation between its CRM systems and production systems. Salesforce is used to manage customer relationships and sales activity and does not store customer monitoring data, production systems data, authentication credentials, payment information, or other operational customer data. As a result, this information was not accessible through the Klue integration.
Is there any action customers need to take?
At this time, no action is required. We are communicating directly with affected customers and working with them in accordance with applicable laws and our contractual commitments.
What is LogicMonitor doing?
LogicMonitor is conducting a comprehensive investigation and forensic assessment to validate the full scope and extent of customer impact. We are closely monitoring the situation, implementing additional security measures as appropriate, and will provide further updates as new information becomes available.
Disclaimer: The views expressed on this blog are those of the author and do not necessarily reflect the views of LogicMonitor or its affiliates.
© LogicMonitor 2026 | All rights reserved. | All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.
