You are currently viewing LastPass Hacked, Customer Data and Vaults Secure

LastPass Hacked, Customer Data and Vaults Secure

The password manager, LastPass recently unveiled that the attackers who breached its
security in August 2020 also had access to its network for four days. 


As per the latest statements by LastPass, the company suffered from the interference of cyber attackers for four days in august 2022. Luckily, the company was able to detect and remove malicious actors during this period. 

With regards to the investigation updates concerning the security breach, the CEO of
LastPass, Karim Toubba published a notice, stating, “We have
completed the investigation and forensics process in partnership with Mandiant.” 


Furtermore, the company also stated, “There is no evidence of any threat actor
activity beyond the established timeline. We can also confirm that there is no evidence that
this incident involved any access to customer data or encrypted password vaults.” 


During the investigation, the company found that the malicious actors got access to the
development environment by compromising a developer’s endpoint. After the developer
completed its multi-factor authentication, the cyber attackers used their persistent access in
imitating the developer and entered the development environment. 


However, the company commented that the system design and controls of the
developer environment prevented threat actors from meddling with customer data or coded password vaults. 


The security measures of LastPass include a master password, which is required to access the
vaults and decrypt the data. However, LastPass does not store that master password, which invalidates any other attempt of accessing other than by the user himself. In essence, LastPass does not have access to its users’ master passwords. 

In an analysis of source code and production, it was found that as LastPass does not allow
any developer from the development environment to push source code into a production
environment without a fixed process, the threat actors were also unable to inject any
code-poisoning or malicious code. 


In order to extend support to LastPass’s customers, Toubab further assured in the notice that they “have deployed enhanced security controls including additional endpoint security controls
and monitoring.” The company has worked jointly with Mandiant, an American cybersecurity firm and a subsidiary of Google – to conclude that no sensitive data has been compromised. 

In 2015, the company witnessed a security incident that impacted email addresses, authentication hashes, and password reminders along with other data. Today, LastPass has approximately 33 million customers, thus a similar security breach would have a more jarring impact and hence is a matter of utmost concern. LastPass persuaded customers that their private data and passwords are safe with them as there was no evidence suggesting that any customer data was compromised. 

Read the full article here

News Room

Cybervizer is a blog and podcast site that focuses on the latest technology and cybersecurity topics that are impacting enterprises, both small and large. Join us to explore the most important trends in enterprise technology and cybersecurity today. Get true insights into the tech and trends that will impact you and your organization.