Password keeper app LastPass just got hacked again

If there’s an app that shouldn’t get hacked is the one you use to store your passwords and credentials. Unfortunately, LastPass seems to be having a bad year, as this is the second time the company has announced it has had a “security incident.” Here’s what you need to know.

In a blog post, LastPass CEO Karim Toubba said that the company recently detected “unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo.”

It seems the hackers were able to use obtained information from the August “incident” to gain access to “certain elements” of LastPass users. That said, Toubba stated that customers’ passwords remain “safely encrypted due to the app’s Zero Knowledge architecture.”

We are working diligently to understand the scope of the incident and identify what specific information has been accessed. In the meantime, we can confirm that LastPass products and services remain fully functional. 

LastPass CEO says the company continues to “deploy enhanced security measures and monitoring capabilities across our infrastructure to help detect and prevent further threat actor activity.”

Background

LastPass got some source code and technical information taken in August. The company made an investigation and offered a report 20 days later, in September.

Our investigation determined that the threat actor gained access to the Development environment using a developer’s compromised endpoint. While the method used for the initial endpoint compromise is inconclusive, the threat actor utilized their persistent access to impersonate the developer once the developer had successfully authenticated using multi-factor authentication.  

Although the threat actor was able to access the Development environment, our system design and controls prevented the threat actor from accessing any customer data or encrypted password vaults.  

At that time, the CEO also said that none of the users’ information was hacked. You can learn more about it here.

More tech coverage: 1Password 8 now available to Apple Watch users, here’s how it works

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.