iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Password management app LastPass has announced that hackers have breached its cloud storage containing customer data.
The company, which aims to increase security by encouraging users not to reuse passwords and allowing them to make longer ones by storing them all together, was attacked back in August making this the second data breach in five months.
LastPass is one of the most popular password management systems on the market, saying that it is used by over 33 million people and 100,000 businesses.
The company has said that cyber attackers gained access to customer data using information they had stolen from the previous breach.
Hackers gained access to the company’s developer environment using a hacked developer account, stealing source code and technical information that allowed them to access customer data in this most recent breach.
“We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo,” said LastPass chief executive officer Karim Toubba.
“We have determined that an unauthorised party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers’ information.”
LastPass has maintained that despite the hack, customer passwords remain safe.
“Our customers’ passwords remain safely encrypted due to LastPass’ Zero Knowledge architecture,” added Toubba.
"We are working diligently to understand the scope of the incident and identify what specific information has been accessed.”
The company has announced that it has “immediately launched an investigation, engaged Mandiant, a leading security firm, and alerted law enforcement”.
Be the first to hear the latest developments in the cyber industry.
