From bgr.com

Password keeper app LastPass just got hacked again

Published Dec 2nd, 2022 9:34AM EST

LastPass app

If there’s an app that shouldn’t get hacked is the one you use to store your passwords and credentials. Unfortunately, LastPass seems to be having a bad year, as this is the second time the company has announced it has had a “security incident.” Here’s what you need to know.

In a blog post, LastPass CEO Karim Toubba said that the company recently detected “unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo.”

It seems the hackers were able to use obtained information from the August “incident” to gain access to “certain elements” of LastPass users. That said, Toubba stated that customers’ passwords remain “safely encrypted due to the app’s Zero Knowledge architecture.”

We are working diligently to understand the scope of the incident and identify what specific information has been accessed. In the meantime, we can confirm that LastPass products and services remain fully functional.

LastPass CEO says the company continues to “deploy enhanced security measures and monitoring capabilities across our infrastructure to help detect and prevent further threat actor activity.”

Background

LastPass got some source code and technical information taken in August. The company made an investigation and offered a report 20 days later, in September.

Our investigation determined that the threat actor gained access to the Development environment using a developer’s compromised endpoint. While the method used for the initial endpoint compromise is inconclusive, the threat actor utilized their persistent access to impersonate the developer once the developer had successfully authenticated using multi-factor authentication.

Although the threat actor was able to access the Development environment, our system design and controls prevented the threat actor from accessing any customer data or encrypted password vaults.

At that time, the CEO also said that none of the users’ information was hacked. You can learn more about it here.

More tech coverage: 1Password 8 now available to Apple Watch users, here’s how it works

Password keeper app LastPass just got hacked again

José is a Tech News Reporter at BGR. He has previously covered Apple and iPhone news for 9to5Mac, and was a producer and web editor for Latin American broadcaster TV Globo. He is based out of Brazil.

The post Password keeper app LastPass just got hacked again first appeared on bgr.com

New reasons to get excited everyday.



Get the latest tech news delivered right in your mailbox

Password keeper app LastPass just got hacked again

5 Reasons Why You Should Try Online Horse Race Betting

In many places around the world, horse races are an attraction that a lot of people love to watch. With the fast-paced action and thrill that each game provides, it is no longer surprising to know that millions of fans have grown fond of it.
Password keeper app LastPass just got hacked again

NordLayer — more than a business VPN

Cybersecurity threats have become vast and more sophisticated. The rate of malware attacks and malicious activity counts within seconds despite the size or sector the organization belongs to — no one is safe enough to expect that foe actors will bypass vital company resources.

Password keeper app LastPass just got hacked againPassword keeper app LastPass just got hacked again

You may also like

Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments

More in Tech News