• World CyberCon India
Data Breaches Firewall Daily Main Story

LastPass Breached: Over 25 Million Users May Have Been Affected

In a blog post published on August 25, 2022, LastPass CEO Karim Toubba disclosed that the company had discovered some unusual activities within the development department.

LastPass Breached: Over 25 Million Users May Have Been Affected
  • PublishedAugust 26, 2022

LastPass, the market leader in password management software, became a cyberattack victim after hackers took critical files and internal source code via a compromised employee account. The company claimed no password vaults or customer information was compromised. According to reports, the theft occurred at a more linear level, beginning with the source code and private information.

The password management company asserted that all standard processes were working correctly and received zero damage post the breach. It also assured customers that the cyberattack didn’t reach their customers’ and clients’ password vaults.

With over 25 million users and 80,000 commercial clients, the company appears to continue functioning on its regular schedule and will mitigate the incident to upscale its security and protection.

LastPass breached by hackers

In a blog post published on August 25, 2022, LastPass CEO Karim Toubba disclosed that the company had discovered some unusual activities within the development department. After looking into the incident, the team found no proof that the unknown hacker had accessed any company-stored encrypted password vaults or customer data.

The company’s CEO also discussed how a single compromised developer account allowed an unauthorized individual to view the LastPass source code. As a result, the TA took a piece of the source code and some confidential LastPass technical data.

LastPass’s response to the attack

The company added that it would employ top cybersecurity experts and forensics firms to implement containment and mitigation techniques in response to the attack and prevent more incidents like this from happening in the future.

Toubba said, “While our investigation is ongoing, we have managed to control the situation, added more advanced security measures, and don’t currently have any new indications of unauthorized activity.”

Based on what the company discovered during and after the incident, LastPass will consider more mitigation strategies to improve the corporation’s infrastructure and environment. The post also shared a list of the most frequently asked questions that users might have after the breach.

Written By
Editorial

The Cyber Express is a publication that aims to provide the latest news and analysis about the information security industry. The news comes from a variety of sources and is updated regularly so that readers can stay up to date with the latest happenings in this rapidly growing field.