Explorer

LastPass Hacking: Password Manager With 25 Million Users Says It Was Breached

One of the biggest password managers, LastPass has been hacked, the company has confirmed.

One of the world's biggest password managers with 25 million users, LastPass has been hacked, the company has confirmed. In an advisory, LastPass CEO, Karim Toubba confirmed that an unauthorised party had stolen "portions of source code and some proprietary LastPass technical information". Two weeks ago, LastPass detected some unusual activity within portions of its development environment, the company said.

Also read: North Korea's Lazarus Group Infamous For WannaCry Hack Now Targets Mac Users With Fake Job Posts

"We have determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information. Our products and services are operating normally," the company CEO said in a statement.

According to LastPass, in response to the hacking incident, it has deployed containment and mitigation measures, and engaged a leading cybersecurity and forensics firm. "While our investigation is ongoing, we have achieved a state of containment, implemented additional enhanced security measures, and see no further evidence of unauthorized activity," Toubba added.

Also read: Beware! This Italian Spyware Is Hacking Apple iPhones And Android Smartphones

"Based on what we have learned and implemented, we are evaluating further mitigation techniques to strengthen our environment," the company CEO noted.

The company has included a brief FAQ along with the advisory of what it anticipates will be the most pressing initial questions and concerns from its users and mentioned that it would continue to update users with the "transparency" they deserve.

The company noted that the hacking incident did not compromise users' "Master Password" as it never stores or have knowledge of users' Master Password. It utilises Zero Knowledge architecture that ensures LastPass can never know or gain access to our customers’ Master Password.

Further, according to LastPass' investigation, there has been no evidence of any unauthorised access to customer data in its production environment.

Top Headlines

Apple Sues OpenAI, Claims Former Employees Took Confidential Hardware Secrets
Apple Sues OpenAI, Claims Former Employees Took Confidential Hardware Secrets
Blocked 140, 1600 Numbers? You Could Miss OTPs And Bank Alerts, Government Warns
Blocked 140, 1600 Numbers? You Could Miss OTPs And Bank Alerts, Government Warns
WhatsApp Username New Feature: Govt Examining Meta’s Reply After Raising Cyber Fraud Concerns
WhatsApp Username New Feature: Govt Examining Meta’s Reply After Raising Concerns
BSNL Launches Rs 1.34 Lakh Satellite Phone That Doesn't Need Network, Buying It Isn't Easy
BSNL Launches Rs 1.34 Lakh Satellite Phone That Doesn't Need Network, Buying It Isn't Easy

Videos

BREAKING: Trump Ally Lindsey Graham Dies Suddenly After Kyiv Visit, Questions Rise Over Death
BREAKING: Muzaffarnagar Kanwar Yatra Row: Police Probe Begins Into Viral Uniform Threat Video
BREAKING: Meerut Lalita Murder Case Sparks Protest Row as Politics Intensifies After Arrests
BREAKING: Vinayak Raut Family Faces FIR After Daughter-in-Law Alleges Black Magic and Harassment
Breaking: PM’s Indo-Pacific Outreach: 10 Key Outcomes Shaping India’s Strategic Global Vision

Photo Gallery

25°C
New Delhi
Rain: 100mm
Humidity: 97%
Wind: WNW 47km/h
See Today's Weather
powered by
Accu Weather
Embed widget