Further, LastPass discovered that the threat actors also accessed ‘certain elements of customers’ information’. The company didn’t confirm what data the threat actors accessed. But LastPass has assured its customers that their passwords “remain safely encrypted because of LastPass’s Zero Knowledge architecture.”

“We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers’ information.”

LastPass has informed law enforcement about the attack and is now working with Google-owned Mandiant to investigate the incident.

In another announcement, the remote work and collaboration tool service GoTo admitted that the threat actors gained entry into its development environment. Similar to LastPass, GoTo has assured consumers that its products and services are functional despite the breach.

“We are working diligently to understand the scope of the incident and identify what specific information has been accessed,” LastPass added. LastPass has emphasized that it is continuing to employ enhanced security measures and monitoring capabilities to help detect and prevent further security breaches.
Second security breach for LastPass
This is the second security breach for LastPass in 2022. In August, the company admitted after an investigation that an unauthorized party had internal access to its systems for four days. The threat actors breached the company’s developer environment via a compromised developer account. The attackers stole portions of the source code, along with some proprietary technical information. But LastPass said customers’ data and encrypted passwords remained untouched because it stores passwords in encrypted vaults.