Pages: [1]   Go Down
  Print  
Author Topic: LastPass Hacked for Second Time This Year  (Read 126 times)
HCK
Global Moderator
Hero Member
*****
Posts: 79425



« on: December 05, 2022, 04:05:05 pm »

LastPass Hacked for Second Time This Year

Password management app LastPass says it is investigating a security incident after an "unauthorized party" compromised its systems on Wednesday and gained access to some customer information.



" width="1125" height="633" class="aligncenter size-full wp-image-783907

The information was stored in a third-party cloud service shared by LastPass and parent company GoTo, said LastPass CEO Karim Toubba in a blog post. Toubba said the hackers used information stolen from LastPass' systems in a separate previously disclosed incident that occurred in August of this year. Toubba added in the blog post that "customers' passwords remain safely encrypted."

We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo. We immediately launched an investigation, engaged Mandiant, a leading security firm, and alerted law enforcement.



We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers' information. Our customers' passwords remain safely encrypted due to LastPass’s Zero Knowledge architecture.
According to a blog post dated August 22, the previous incident saw a threat actor gain access to the LastPass Development environment using a developer's compromised endpoint to steal source code and some proprietary LastPass technical information. LastPass said at the time that its systems "prevented the threat actor from accessing any customer data or encrypted password vaults."



LastPass is currently working to understand the scope of Wednesday's incident and identify what specific information has been accessed. GoTo, formerly LogMeIn, said it was also investigating the incident, although it did not explain whether GoTo users were also impacted by the hack. In the meantime, LastPass products and services remain "fully functional," said Toubba. <div class="linkback">Tags: LastPass, Security</div>
This article, &quot;LastPass Hacked for Second Time This Year&quot; first appeared on MacRumors.com

Discuss this article in our forums



Source: LastPass Hacked for Second Time This Year
Logged
Pages: [1]   Go Up
  Print  
 
Jump to: