LastPass’s data breach in August permitted a hacker to infiltrate the company again and steal customer data. LastPass announced on Wednesday that it was investigating the breach, which involved a third-party cloud storage service linked to company systems.
“We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers’ information,” the company wrote in a blog post(Opens in a new window).
It is unknown what data was stolen. LastPass, on the other hand, has stated that customers’ passwords should be safe because the company does not store(Opens in a new window) information on the “Master Password” that customers use to access the encrypted password vaults on the platform.
“We are working diligently to understand the scope of the incident and identify what specific information has been accessed. In the meantime, we can confirm that LastPass products and services remain fully functional,” the company said.
Nonetheless, the incident demonstrates that the August breach at LastPass was more serious than previously thought. At the time, the company confirmed that the August breach only affected internal software development systems and did not include any customer password information. Despite this, t
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: