OneTrust

OneTrust provides a unified platform that helps organizations manage privacy, security, and data governance requirements. The company’s software supports compliance with regulations such as the GDPR, CCPA, HIPAA, and various industry‑specific standards. It offers modules for consent management, risk assessments, vendor risk, incident response, and data mapping. OneTrust serves a global customer base that includes enterprises across technology, finance, healthcare, and retail sectors. The platform is designed to automate workflows and provide real‑time visibility into personal data flows and risk exposure. By integrating with existing IT systems, OneTrust aims to reduce manual effort and improve adherence to evolving privacy laws.

In June 2026, OneTrust was identified as one of the customers affected by a supply chain attack targeting the Klue platform. The attack exploited legacy credentials to gain unauthorized access to Salesforce integrations used by Klue’s customers. As a result, threat actors were able to exfiltrate data from OneTrust’s Salesforce instance, although the specific data taken has not been disclosed publicly. This incident highlights the risks that organizations face when relying on third‑party service providers for critical functions such as CRM integration. OneTrust’s primary offering remains privacy management software that assists other companies in meeting regulatory obligations. The Klue breach underscores the importance of securing external connections even for firms that specialize in protecting data privacy.