LastPass, a password management company, has released an update regarding the security incident it disclosed on December 22, 2022. The company has completed its investigation and found no threat-actor activity since October 26, 2022. The incidents were caused by third-party software vulnerability, and the threat actor accessed non-production development and backup storage environments. LastPass proprietary data and customer data were stolen, including on-demand cloud-based development, source code repositories, internal scripts, internal documentation, devOps secrets, cloud-based backup storage, and backups of all customer vault data. The company has implemented additional security measures to harden its security while improving overall security operations. The update also includes recommended actions for customers to protect themselves or their businesses.
Lastpass security breach blog post — AI summarised
LastPass suffered a security breach, but there's been no activity since October 2022. The company has enhanced security measures, and we've got the details in this AI-summarized blog post. Find out what happened, what LastPass has done, and how you can protect yourself.