LastPass has publicly acknowledged a security incident, revealing that a developer account was compromised, with cybercriminals managing to access portions of the source code and some proprietary technical information.
The security breach took place earlier this month, LastPass says, and after an investigation, the company was able to confirm that no user data was exposed.
With the help of a cybersecurity and forensics firm, LastPass says it determined that users’ master passwords and vaults haven’t been compromised – for what it’s worth, the master passwords aren’t being stored on LastPass servers in the first place.
“Two weeks ago, we detected some unusual activity within portions of the LastPass development environment. After initiating an immediate investigation, we have seen no evidence that this incident involved any access to customer data or encrypted password vaults,” Last…
Read the original article: