VoIP CRM integration risk

8x8 Says a Klue Salesforce Integration Exposed Customer Data

The headline is a third-party app incident. The buyer risk is bigger: VoIP, CRM, and sales-intelligence integrations can expose customer data and disrupt continuity when tokens are overtrusted.

VoIP CRM integration risk map for the 8x8 Klue Salesforce incident.

Direct answer

8x8 Klue Salesforce integration breach: what buyers need to know

8x8 reported in a June 23, 2026 Form 8-K that an unauthorized actor exploited a Klue Labs third-party API integration connected to its Salesforce CRM between June 11 and June 12. The company said the actor accessed and exfiltrated competitively sensitive information about current, former, and prospective customers, including fragmented contract and opportunity information, sales notes, and business contact details. 8x8 said its core information systems remained operational, but VoIP buyers should treat CRM integrations as data-exposure and continuity controls.

Published: 6/27/2026
News event: 6/23/2026

This brief cites the source announcement and translates the event into a buyer framework. Verify current vendor terms before changing phone, messaging, or AI routing.

What happened

  • 8x8 said it learned on June 13 that a threat actor had exploited a third-party API integration between Klue Labs and its Salesforce CRM.
  • The filing says unauthorized access occurred between June 11 and June 12 and involved customer, former customer, and prospective customer information.
  • 8x8 said the exposed information included fragmented contract and opportunity data, sales notes, business contact details, and limited payment-card information.
  • Cybersecurity Dive reported that Klue was investigating a supply-chain attack tied to Salesforce integrations and that Salesforce disabled the Klue app while the issue was investigated.
  • The Hacker News reported that Klue attributed the incident to a compromised legacy credential and OAuth tokens used to query connected third-party platforms.

Why this is trending

  • The incident connects security headlines to everyday revenue operations: call notes, CRM records, opportunities, and customer contact data.
  • VoIP buyers increasingly connect phone systems, dialers, AI voice agents, call summaries, CRM notes, sales intelligence, and support workflows.
  • The story shows that a phone stack can inherit risk from connected apps even when the core calling platform stays operational.

The VoIP Stack Index take

A VoIP buyer should not approve CRM, sales, and AI integrations only because the features look useful. The buyer needs proof of token scope, least-privilege access, audit logs, vendor offboarding, CRM field exposure, incident notices, and failover procedures if a connected app must be disabled quickly.

VoIP CRM Integration Risk Map

A buyer framework for checking connected-app tokens, CRM call logging, sales notes, support handoffs, contract data, and continuity controls before linking a phone stack to Salesforce or other CRM systems.

Channel: CRM call logging
  • AI fit: AI can summarize calls, tag dispositions, and draft next steps from voice conversations.
  • Human rule: A revenue owner should decide which notes are safe to sync and which fields expose sensitive deal context.
  • VoIP requirement: Field-level sync rules, least-privilege CRM access, transcript retention controls, and audit logs.

Channel: Sales notes and contacts
  • AI fit: Automation can enrich contacts, update opportunity records, and prepare follow-up tasks.
  • Human rule: Sales leadership must limit access to pricing, contract, renewal, and prospecting notes.
  • VoIP requirement: Scoped OAuth app permissions, data-classification rules, and connected-app review cadence.

Channel: Support-case handoff
  • AI fit: Voice systems can push call summaries into tickets and route repeat callers faster.
  • Human rule: Support managers should approve workflows that expose support history, complaints, or regulated data.
  • VoIP requirement: Case-field controls, escalation boundaries, redaction, and human review for sensitive queues.

Channel: Connected-app tokens
  • AI fit: Monitoring can detect abnormal API volume, stale tokens, and integrations not used recently.
  • Human rule: Security and operations owners must revoke risky tokens and decide what workflows pause during review.
  • VoIP requirement: OAuth inventory, token rotation, vendor offboarding process, and API anomaly alerts.

Channel: Incident continuity
  • AI fit: Routing rules can keep calls flowing while a CRM or enrichment integration is disabled.
  • Human rule: Humans should own customer notices, manual logging, and high-value account follow-up during a freeze.
  • VoIP requirement: CRM-disabled operating mode, backup call notes, queue owners, and customer communication plan.

What buyers should do next

01. Inventory every connected app that can read or write CRM, call, contact, transcript, opportunity, or ticket data.

02. Require least-privilege OAuth scopes and remove unused sales-intelligence or enrichment integrations.

03. Ask VoIP vendors how call summaries, recordings, transcripts, and AI-generated notes are synced into CRM fields.

04. Create a CRM-disabled fallback process for call logging, escalations, and customer follow-up if a connected app is shut off.
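
The inventory and least-privilege steps above can be turned into a repeatable check. The following is an added example, not code from 8x8, Klue, Salesforce, or the original brief: it audits a constructed connected-app inventory for scopes beyond the approved set, tokens unused past a threshold, and a spike in daily API volume. The app names, scope names, field names, and thresholds are assumptions chosen for illustration.

```python
from datetime import date
from statistics import median

# Constructed inventory: app names, scope names and call counts are illustrative.
INVENTORY = [
    {"app": "dialer-sync",
     "granted": {"contacts.read", "calls.write"},
     "approved": {"contacts.read", "calls.write"},
     "last_used": date(2026, 6, 26), "daily_calls": [410, 395, 402, 388, 420]},
    {"app": "sales-intel",
     "granted": {"contacts.read", "opportunities.read", "contracts.read"},
     "approved": {"contacts.read"},
     "last_used": date(2026, 6, 26), "daily_calls": [120, 131, 118, 125, 9800]},
    {"app": "legacy-enrichment",
     "granted": {"contacts.read", "contacts.write"},
     "approved": set(),  # integration was retired, so nothing is approved
     "last_used": date(2026, 1, 14), "daily_calls": [0, 0, 0, 0, 0]},
]

def audit(inventory, today, stale_days=90, spike_factor=5):
    """Return {app: [findings]} for every app with at least one finding."""
    report = {}
    for entry in inventory:
        findings = []
        # Least privilege: anything granted but not approved is excess.
        excess = entry["granted"] - entry["approved"]
        if excess:
            findings.append("excess scopes: " + ", ".join(sorted(excess)))
        # Stale token: no use within the review window.
        idle = (today - entry["last_used"]).days
        if idle > stale_days:
            findings.append(f"stale: unused for {idle} days")
        # Volume anomaly: latest day compared with the median of prior days.
        *history, latest = entry["daily_calls"]
        baseline = median(history)
        # Floor the baseline at 1 so an idle app that wakes up is still flagged.
        if latest > spike_factor * max(baseline, 1):
            findings.append(f"API volume spike: {latest} calls vs median {baseline}")
        if findings:
            report[entry["app"]] = findings
    return report

if __name__ == "__main__":
    for app, findings in audit(INVENTORY, today=date(2026, 6, 27)).items():
        print(app, "->", "; ".join(findings))
```

In practice the inventory would come from the CRM's connected-app and token reports and its API usage logs; the approved scope set per app is the output of the review in step 02.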

Buyer bridge

Do the routing audit before buying the buzz.

The winning AI phone stack is the one that preserves context, controls fallback, and lets humans take over without making the customer repeat the story.
