2.7 C
New York

Major password manager suffers one other security breach

Published:

Password manager LastPass announced Wednesday it had suffered its second data breach in three months.

CEO Karim Toubba said the corporate recently detected unusual activity inside a third-party cloud storage service that’s shared by LastPass and affiliate GoTo.

He said an investigation was immediately launched into the incident by security firm Mandiant and that law enforcement had been alerted.

“Now we have determined that an unauthorized party, using information obtained within the August 2022 incident, was capable of gain access to certain elements of our customers’ information. Our customers’ passwords remain safely encrypted on account of LastPass’s Zero Knowledge architecture,” Toubba said.

CALIFORNIA DOJ RELEASED GUN DATA ACCIDENTALLY, DISPLAYED ‘POOR JUDGMENT’ IN BUNGLED RESPONSE, REVIEW FINDS

On this photo illustration, the emblem for online password manager service LastPass is reflected on the interior discs of a harddrive.
(Leon Neal/Getty Images)

LastPass is working to discover what specific information has been accessed and the scope of the incident. 

Services remain fully functional, and LastPass said it continues to deploy enhanced security measures and monitoring capabilities across its infrastructure. 

Toubba said further updates could be provided as LastPass learns more details. 

In this photo illustration, a LastPass logo is displayed on a smartphone.

On this photo illustration, a LastPass logo is displayed on a smartphone.
(Mateusz Slodkowski/SOPA Images/LightRocket via Getty Images)

LAWMAKERS CONCERNED ABOUT CHINESE DRONES IN RESTRICTED SPACES AROUND CAPITOL

In August, LastPass said an unauthorized party had gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and a few proprietary LastPass technical information.

Following an investigation, Toubba said in September that the threat actor’s activity had been limited to a four-day period and confirmed that there is no such thing as a evidence this incident involved any access to customer data or encrypted password vaults. 

CLICK HERE TO GET THE FOX NEWS APP 

“We recognize that security incidents of any sort are unsettling but wish to assure you that your personal data and passwords are secure in our care,” he said then.

Julia Musto is a reporter for Fox News and Fox Business Digital. 

sportinbits@gmail.com
sportinbits@gmail.comhttps://sportinbits.com
Get the latest Sports Updates (Soccer, NBA, NFL, Hockey, Racing, etc.) and Breaking News From the United States, United Kingdom, and all around the world.

Related articles

spot_img

Recent articles

spot_img