LastPass Hacked – Attackers Breached Cloud Storage & Access Customer Data

Using data from the August 2022 incident, LastPass experienced a breach of user information within a third-party cloud storage service.

LastPass is a freemium Android password manager that simply collects encrypted passwords online, and LogMeIn, Inc. obtained the LastPass in October 2015.

“We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo,” the company said.

“We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers’ information.”

The breach is the subject of an ongoing investigation conducted by Mandiant, according to LastPass CEO Karim Toubba, who also stated that law enforcement had been informed.

Additionally, the company stated that customer passwords “remain safely encrypted due to LastPass’s Zero Knowledge architecture” and have not been compromised.

August 2022 Saw a Breach of the Organization’s Developer Environment

In the August incident, a developer account that had been hijacked by hackers had allowed them access to the company’s developer environment.

At the time, the company stated that no customer information or passwords had been exposed and that the attacker had only accessed “source code and some proprietary LastPass technical information” as a result of the incident.

The company then disclosed that the attackers of the security breach in August had internal access to its systems for four days before being ejected.

It’s unclear in this instance what exact consumer information was disclosed.

“We are working diligently to understand the scope of the incident and identify what specific information has been accessed”, according to LastPass’s recent notice of a security incident.

“We can confirm that LastPass products and services remain fully functional”. 

Company’s Response to the Incident

The company promised to implement improved security controls and monitoring tools to stop further threat activity.

“As part of our efforts, we continue to deploy enhanced security measures and monitoring capabilities across our infrastructure to help detect and prevent further threat actor activity”, LastPass.

Penetration Testing As a Service – Download Red Team & Blue Team Workspace