Snyk

Our engineering team is currently investigating reports of degraded performance in the SNYK-US-01 US Multi-tenant environment (app.snyk.io). We are actively working to isolate the cause and will provide updates as we the investigation progresses.

We were notified of a security incident involving Klue, a market intelligence platform used by Snyk and a wide range of companies for competitive intelligence. An unauthorized party accessed data from Snyk's Salesforce environment through Klue's integration. Other security vendors, such as Recorded Future (https://www.recordedfuture.com/blog/klue-security-incident), Tanium (https://www.tanium.com/blog/security-update-taniums-response-to-the-klue-breach-that-allowed-data-exfiltration-from-salesforce/), Huntress (https://www.huntress.com/blog/klue-breach-investigation), and Jamf (https://www.jamf.com/blog/klue-incident/) have been impacted and have shared updates publicly. Our investigation shows that, to our knowledge at this point in time, the impact was primarily limited to business data fields within the Salesforce environments. This includes customer business contact information and only the title and description from a limited subset of customer support cases. The body or contents of the support cases were not included nor did it affect Snyk's products. There was no impact on our ability to serve our customers. Snyk's platform, services, and infrastructure remain fully operational and were not involved. Upon notification from Klue, we promptly disabled the Klue integration in Salesforce and began our own review. We will post updates here as we learn more.

Our engineering team is currently investigating reports of degraded performance in the SNYK-US-01 US Multi-tenant environment (app.snyk.io). We are actively working to isolate the cause and will provide updates as we the investigation progresses.

We were notified of a security incident involving Klue, a market intelligence platform used by Snyk and a wide range of companies for competitive intelligence. An unauthorized party accessed data from Snyk's Salesforce environment through Klue's integration. Other security vendors, such as Recorded Future (https://www.recordedfuture.com/blog/klue-security-incident), Tanium (https://www.tanium.com/blog/security-update-taniums-response-to-the-klue-breach-that-allowed-data-exfiltration-from-salesforce/), Huntress (https://www.huntress.com/blog/klue-breach-investigation), and Jamf (https://www.jamf.com/blog/klue-incident/) have been impacted and have shared updates publicly. Our investigation shows that, to our knowledge at this point in time, the impact was primarily limited to business data fields within the Salesforce environments. This includes customer business contact information and only the title and description from a limited subset of customer support cases. The body or contents of the support cases were not included nor did it affect Snyk's products. There was no impact on our ability to serve our customers. Snyk's platform, services, and infrastructure remain fully operational and were not involved. Upon notification from Klue, we promptly disabled the Klue integration in Salesforce and began our own review. We will post updates here as we learn more.

We are currently experiencing an unexpected issue affecting our SAST scans and certain API triggered tests. Our engineering team is actively monitoring the situation to fully understand the impact and isolate the root cause. While we work to restore full functionality, some users may experience intermittent or immediate failures in their running scans and automated test suites. We will provide updates as they become available.

Our engineers are investigating degradation affecting app.snyk.io. This impacts user-initiated events such as imports, manual retests, PR checks, CLI, API endpoints on the app.snyk.io environment. Other environments are unaffected. The Snyk Incident Response has identified and mitigated the issue. We will continue to monitor to ensure services fully recover and remain stable.

Engineering have detected a delay in data affecting Issue API results on the app.snyk.io environment. Project data, UI based Reporting, and Export API are not affected. We are investigating and will report back here with any updates.

Our engineers are investigating degradation affecting app.snyk.io. Customers may experience continuous loading and/or slowness when accessing the Snyk UI. This may also impact the testing of projects. The Snyk Incident Response has been invoked.

Please note that the ability to create or reply to cases via email has been temporarily turned off. If you need to log a new issue or update an existing case, please do so directly through the ticketing portal. We will let you know as soon as email functionality is restored. Thank you for your patience!

During our recent Recurring Tests, we observed that some email notifications were not sent to alert customers to new vulnerabilities.  All Recurring Tests have completed successfully, and customers can view their results within the Snyk UI.  We have now implemented a fix. Email notifications will resume with the next scheduled run.

Between 12:03 and 12:04 UTC today (1st June 2026), Snyk experienced a brief period of degradation affecting Snyk Code scans and custom Rule Extension tests. This impacted scans run via the CLI, IDE plugins, CLI uploads, as well as PR Checks. Services have now fully recovered. Please retry any scans or tests that failed during this window.