Your Web News in One Place

An Interest In:

Web News this Week

Search Archive

Some of Our Sources

View All Sources

Help Webnuz

Referal links:

Sign up for GreenGeeks web hosting
February 28, 2023 02:46 pm

LastPass reveals attackers stole password vault data by hacking an employees home computer




A cartoon illustration shows a shadowy figure carrying off a red directory folder, which has a surprised-looking face on its side.
The attacker stole credentials from a senior DevOps engineer to gain access to shared cloud storage containing the encryption keys for customer vault backups. | Illustration: Beatrice Sala



LastPass says that a threat actor was able to steal corporate and customer data by hacking an employee’s personal computer and installing keylogger malware, which let them gain access to the company’s cloud storage. The update provides more information about how the series of hacks happened last year that resulted in the popular password manager’s source code and customer vault data being stolen by an unauthorized third party.


Last August, LastPass notified its users of a “security incident” in which an unauthorized third party used a compromised developer account to access the password manager’s source code and “some proprietary LastPass technical information.” The company later disclosed a second security breach in November, announcing...



Continue reading…




Original Link: https://www.theverge.com/2023/2/28/23618353/lastpass-security-breach-disclosure-password-vault-encryption-update

Share this article:    Share on Facebook
View Full Article

The Verge

The Verge is an ambitious multimedia effort founded in 2011

More About this Source Visit The Verge