Monday, October 7, 2024
HomeCyber AttackLastPass Hacked - Attackers Breached Cloud Storage & Access Customer Data

LastPass Hacked – Attackers Breached Cloud Storage & Access Customer Data

Published on

Using data from the August 2022 incident, LastPass experienced a breach of user information within a third-party cloud storage service.

LastPass is a freemium Android password manager that simply collects encrypted passwords online, and LogMeIn, Inc. obtained the LastPass in October 2015.

“We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo,” the company said.

- Advertisement - EHA

“We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers’ information.”

The breach is the subject of an ongoing investigation conducted by Mandiant, according to LastPass CEO Karim Toubba, who also stated that law enforcement had been informed.

Additionally, the company stated that customer passwords “remain safely encrypted due to LastPass’s Zero Knowledge architecture” and have not been compromised.

August 2022 Saw a Breach of the Organization’s Developer Environment

In the August incident, a developer account that had been hijacked by hackers had allowed them access to the company’s developer environment.

At the time, the company stated that no customer information or passwords had been exposed and that the attacker had only accessed “source code and some proprietary LastPass technical information” as a result of the incident.

The company then disclosed that the attackers of the security breach in August had internal access to its systems for four days before being ejected.

It’s unclear in this instance what exact consumer information was disclosed.

“We are working diligently to understand the scope of the incident and identify what specific information has been accessed”, according to LastPass’s recent notice of a security incident.

“We can confirm that LastPass products and services remain fully functional”. 

Company’s Response to the Incident

The company promised to implement improved security controls and monitoring tools to stop further threat activity.

“As part of our efforts, we continue to deploy enhanced security measures and monitoring capabilities across our infrastructure to help detect and prevent further threat actor activity”, LastPass.

Penetration Testing As a Service – Download Red Team & Blue Team Workspace

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Hybrid Analysis Utilizes Criminal IP’s Robust Domain Data for Better Malware Detection

Criminal IP, a renowned Cyber Threat Intelligence (CTI) search engine developed by AI SPERA,...

RCE Vulnerability (CVE-2024-30052) Allow Attackers To Exploit Visual Studio via Dump Files

The researcher investigated the potential security risks associated with debugging dump files in Visual...

Cacti Network Monitoring Tool Vulnerability Let Attackers Execute Remote Code

A critical security vulnerability has been identified in the Cacti network monitoring tool that...

Microsoft & DOJ Dismantles Hundreds of Websites Used by Russian Hackers

Microsoft and the U.S. Department of Justice (DOJ) have disrupted the operations of Star...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

North Korean Hackers Attempted To Steal Sensitive Military Data

Diehl Defence anti-aircraft missiles from Baden-Württemberg are successfully intercepting Russian attacks on Kyiv, according...

TWELVE Threat Attacks Windows To Encrypt Then Deleting Victims’ Data

The threat actor, formed in 2023, specializes in ransomware attacks targeting Russian government organizations....

TeamTNT Hackers Attacking VPS Servers Running CentOS

TeamTNT is targeting CentOS VPS clouds with SSH brute force attacks. It has uploaded...