Password app LastPass hit by cybersecurity breach
Password manager LastPass has told customers that some of their information has been accessed in a cybersecurity breach, but says passwords remain safe.
LastPass is one of several password managers that aim to reduce the reuse of passwords online by storing them in a single app.
It also makes it easier for users to generate strong passwords as required.
In August, LastPass determined that some of its source code and technical information was taken from unauthorised access to a third-party storage service the company had been using.
After investigation, the company said while the threat actor had been able to access the company’s development environment, the system had prevented access to customer data or encrypted passwords.
However, last Wednesday the company’s CEO Karim Toubba advised customers that an unauthorised party using information gleaned from the previous attack had subsequently accessed certain elements of customer information.
LastPass did not specifically say what that information was, but claims passwords remain safely encrypted.
Toubba said the company would put in place more security measures and monitoring to detect any more threat actor activity.
- CyberBeat
Latest News
- X u-turns to comply with Brazil court
- Taxi Apps sues Uber for launching an unlawful war to crush Australian competition
- Apple plans financial gains with with AI-centric in-house processors
- Microsoft’s free pass from government accountability
- Study reveals AI tools hold biases against women and girls
