We’re sharing an update with customers on a known compromise involving third-party provider Klue’s integration with Salesforce. Tines was notified that it was among the organizations affected by this incident, which impacted Tines’ Salesforce instance and some of the CRM data it holds. We have confirmed that the Tines platform and customer environments were not impacted.
As security professionals, we know how frustrating these incidents can be, and are taking a rigorous approach to investigating this compromise. Our priority is transparency to our customers.
This post outlines key details of the incident and Tines’ response, and will be updated with any new details that emerge as our investigation continues.
What happened
On or about June 11th, a threat actor compromised market intelligence platform Klue’s systems. The threat actor then used credentials associated with Klue customers’ integrations to access Salesforce data across multiple organizations, including Tines.
Tines was notified that we were impacted by this incident, and initiated an investigation into this third-party incident and any impact on customers.
What is the impact?
Our initial investigation into the Klue incident has confirmed that the activity is limited to Salesforce business information. This information could include:
Business and account contact information
Account and opportunity information
Commercial communications stored in Salesforce
Sales-related records associated with customer or prospect relationships
Based on our investigation to date, we have found no evidence of unauthorized access to any information outside of Salesforce, including within Tines production systems, customer environments, workflow data or authentication credentials.
Next steps
Following our initial investigation, Tines took immediate action to address this issue, including:
Confirming the suspension of Klue’s access in Salesforce.
Requesting confirmation, details, and logs from Klue.
Reviewing available Salesforce logs and requesting further details on the Klue account activity from Salesforce.
Confirming there was no evidence of any unauthorized access to Tines’ production systems, customer environments, product infrastructure, or customer workflow data.
Guidelines to customers
Incidents such as these raise concerns about attempts at phishing and social engineering becoming more convincing. We recommend that customers remain vigilant and evaluate all unexpected communications referencing Tines, Salesforce, Klue, and any invoices, account changes, or payment activity related thereto
As a reminder, Tines will always contact you to confirm payment information and Tines will never ask you for passwords or credentials by email. If you receive a communication that appears to be from Tines and you are unsure whether it is legitimate, contact support@tines.com.
Our focus now
To ensure ongoing updates, we will continue to work with Klue, Salesforce, and other relevant parties to gather more information and continue to investigate this incident and its impact.
We are here to support our customers and encourage you to reach out with any questions or concerns you may have following this third-party compromise. Get in touch with your account team or support@tines.com.