The company has shared that copies of customers’ password vaults were obtained along with names, emails, billing addresses, phone numbers, and more. LastPass last week revealed the extent of that data – and it was far worse than had been suspected. We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers’ information. However, it subsequently emerged that the attacker then used this information to gain wider access to LastPass systems, and was then able to access customer data.
LASTPASS PASSWORDS CODE
Instead, said LastPass, an attacker took part of its source code and “some proprietary LastPass technical information.” After initiating an immediate investigation, we have seen no evidence that this incident involved any access to customer data or encrypted password vaults. Two weeks ago, we detected some unusual activity within portions of the LastPass development environment. At the time, the company said that no customer data was accessed. BackgroundĪ LastPass security breach was revealed back in August. Indeed, it says, it would cost just $100 to crack the master password of a typical LastPass user.
LastPass claimed that cracking users’ master passwords would take millions of years, but 1Password says that this isn’t true for most users. After an independent security analyst described statements made by LastPass as “half-truths and outright lies,” rival password management company 1Password has also weighed in … The LastPass security breach controversy continues.
0 kommentar(er)
