Password manager LastPass has told customers that some of their information has been accessed in a cybersecurity breach, but says passwords remain safe.
LastPass is one of several password managers that aim to reduce the reuse of passwords online by storing them in a single app.
It also makes it easier for users to generate strong passwords as required.
In August, LastPass determined that some of its source code and technical information was taken from unauthorised access to a third-party storage service the company had been using.
After investigation, the company said while the threat actor had been able to access the company’s development environment, the system had prevented access to customer data or encrypted passwords.
However, last Wednesday the company’s CEO Karim Toubba advised customers that an unauthorised party using information gleaned from the previous attack had subsequently accessed certain elements of customer information.
LastPass did not specifically say what that information was, but claims passwords remain safely encrypted.
Toubba said the company would put in place more security measures and monitoring to detect any more threat actor activity.
CyberBeat is a grassroots initiative from a team of producers and subject matter experts, driven out of frustration at the lack of media coverage, responding to an urgent need to provide a clear, concise, informative and educational approach to the growing fields of Cybersecurity and Digital Privacy.
If you have a story of interest, a comment, a concern or if you'd just like to say Hi, please contact us
We couldn't do this without the support of our sponsors and contributors.