News
LastPass Website Was Hacked, But Passwords Weren’t Accessed
CTN News – LastPass says that a hacker infiltrated its internal systems for developing software, not customer password information. Hackers stole ‘portions of source code and some proprietary LastPass technical information.
On Thursday, LastPass sent out an email to customers about the breach, which the company detected about two weeks ago. “We have no evidence that this incident involved any access to customer data or encrypted password vaults,” the message added.
LastPass said an unauthorized party obtained access to portions of its development environment through a compromised developer account and took portions of the source code and proprietary information.
In response, the company has deployed “containment and mitigation measures,” and hired a leading cybersecurity firm to investigate the intrusion. The company has also posted FAQ(Which opens in a new window) about LastPass.
LastPass hasn’t provided other details as the vendor embarks
LastPass hasn’t provided other details as the vendor embarks on the forensics investigation. But a major concern is whether the stolen proprietary data will pave the way for cybercriminals to uncover vulnerabilities in the company’s password management products.
According to LastPass’ FAQ, the company doesn’t store information on the “Master Password” customers use to access their accounts. Instead, the company uses “zero knowledge” encryption to unlock access to a user’s account.
At this time, we don’t recommend any action on behalf of our users or administrators, the company’s FAQ adds. But for extra protection, consider activating the multi-factor authentication(Which opens in a new window) on the account.
LastPass plans on updating customers about the investigation as it proceeds. Neil J. Rubenking, PCMag’s Lead Analyst for Security, received the email from LastPass but says he’s not worried.
Is LastPass owned by Google?
LastPass Becomes Independent Firm, But It’s Still Owned by Private Equity
Related CTN News:
PLEX Confirmsf Data Hack, User Details, And Passwords Are Stolen
Micro Focus To Be Acquired At 99% Premium By Open Text
COVID-19 Incubation Period Varies By SARS-CoV-2 Strain