In a subsequent update, the company revealed that the attackers behind the August security breach maintained internal access to their systems for four days until they were evicted. In emails sent to customers at the time, Lastpass confirmed the attackers had stolen source code and proprietary technical information from its systems. The advisory was published days after BleepingComputer reached out to the company and received no response to questions regarding a possible breach. This is the second security incident disclosed by Lastpass this year after confirming in August that the company's developer environment was breached via a compromised developer account. LastPass NovemBreached twice in one year Customer passwords remain safely encrypted due to LastPass’s Zero Knowledge architecture. We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate GoTo. "We are working diligently to understand the scope of the incident and identify what specific information has been accessed," Lastpass added. It also noted that customers' passwords have not been compromised and "remain safely encrypted due to LastPass's Zero Knowledge architecture." Lastpass said it hired security firm Mandiant to investigate the incident and notified law enforcement of the attack. "We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers' information." "We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo," the company said.
The company added that, once in, the threat actors also managed to access customer data stored in the compromised storage service.
LastPass says unknown attackers breached its cloud storage using information stolen during a previous security incident from August 2022.
0 kommentar(er)
