LastPass
LastPass used to be one of the best password managers, but more recently, its reputation has taken a hit from multiple security breaches. Now the company has confirmed the last one was really bad.
LastPass suffered a security breach back in August, when a hacker gained access to development environments and was able to steal source code and other proprietary information. Later in December, LastPass confirmed a hacker was able to use that data to “gain access to certain elements of our customers’ information.” The company didn’t clarify what “certain elements” meant, until now.
LastPass just disclosed the full scope of the attack, following an “ongoing investigation.” The hacker was able to access a cloud storage environment using data from the August security breach, which included “basic customer account information and related metadata including company names, end-user names, billing addresses, email addresses, telephone numbers, and the IP addresses from which customers were accessing the LastPass service.” Credit card information was apparently not accessed.
The worst part is that the hacker successfully copied vault data from LastPass, though the company called it “a backup,” so it’s not clear…
Read Full Article Source
