Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Lastpass says hackers accessed customer data in new breach
#1
[Image: XyLaYfM.jpg]

LastPass says unknown attackers breached its cloud storage using information stolen during a previous security incident from August 2022.

The company added that, once in, the threat actors also managed to access customer data stored in the compromised storage service.

"We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo," the company said.

"We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers' information."

Lastpass said it hired security firm Mandiant to investigate the incident and notified law enforcement of the attack.

It also noted that customers' passwords have not been compromised and "remain safely encrypted due to LastPass's Zero Knowledge architecture."

"We are working diligently to understand the scope of the incident and identify what specific information has been accessed," Lastpass added.

[Image: mNqjD7P.png]

Breached twice in one year

This is the second security incident disclosed by Lastpass this year after confirming in August that the company's developer environment was breached via a compromised developer account.

The advisory was published days after BleepingComputer reached out to the company and received no response to questions regarding a possible breach.

In emails sent to customers at the time, Lastpass confirmed the attackers had stolen source code and proprietary technical information from its systems.

In a subsequent update, the company revealed that the attackers behind the August security breach maintained internal access to their systems for four days until they were evicted.

LastPass is behind one of the most popular password management software, claiming that it's being used by more than 33 million people and 100,000 businesses.

source
Reply
#2
Bye, bye LastPass. 
Oh no
Reply
#3
Used it a while ago and like the interface and features. But don't use it anymore. Think it's time they start worrying about the company's structure and future.
Reply
#4
Used for many years but quit using when they had their 1st security incident.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  LastPass Hack Update: user vault data and information stolen tarekma7 0 1,286 12-24-2022 , 04:17 PM
Last Post: tarekma7
  Update SAMSUNG: Important Notice Regarding Customer Information tarekma7 0 1,069 09-03-2022 , 09:54 AM
Last Post: tarekma7
  Hackers leak stolen Pfizer COVID-19 vaccine data online tarekma7 0 1,035 01-14-2021 , 09:11 AM
Last Post: tarekma7
  Twitter: Hackers targeted 130 accounts, no passwords accessed tarekma7 0 1,790 07-18-2020 , 12:08 AM
Last Post: tarekma7



Users browsing this thread: 4 Guest(s)