LastPass Compromised, Data Stolen
LastPass, a password management firm was hacked two weeks ago, allowing hackers to steal the company’s and proprietary technical data.
The incident surfaced after Bleeping Computer came to know about the breach from insiders and contacted the company last week. According to experts, the employees faced difficulties to contain the breach after LastPass was compromised.
LastPass issued a security advisory accepting the company was compromised through a breached developer account that attackers use to gain access to the company’s developer environment.
Company launches investigation
According to LastPass, there is no evidence that encrypted password vaults or customer data were compromised, but the attackers did steal “proprietary LastPass technical data” and chunks of their source code.
Responding to the incident, the company has deployed containment and mitigation measures and hired a leading cybersecurity agency to look into the issue.
The investigation is in process, LastPass said the containment state has been achieved, it has applied advanced security measures, and hasn’t noticed any further evidence of malicious activity.
The company didn’t disclose any
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: