LastPass Hacked: Password Manager With 25 Million Users Confirms Breach

LastPass has confirmed hackers stole partial source code

SOPA Images/LightRocket via Getty Images

One of the world’s biggest password managers with 25 million users, LastPass, has confirmed that it has been hacked. In an advisory published on August 25, Karim Toubba, the LastPass CEO, said that an unauthorized party had stolen “portions of source code and some proprietary LastPass technical information.”

What was accessed during the LastPass network breach?

The breach appears to have been of the development servers, facilitated by a compromise of a LastPass developer account and took place two weeks ago. Incident responders have contained the breach, and LastPass says there is no evidence of further malicious activity. Toubba also confirmed that neither has evidence been found of any customer data or encrypted password vaults being accessed.

MORE FROM FORBESGoogle Confirms New Attack Can Read All Gmail Messages: Iran Accounts TargetedBy Davey Winder

Has your LastPass master password or password vault been compromised?

LastPass users will, of course, be concerned that a hacker could have got hold of the keys to their online kingdom: their passwords. However, LastPass has made it clear that, courtesy of the ‘zero knowledge’ architecture implemented, master passwords are never stored. “LastPass can never know or gain access to our customers’ master password,” Toubba said, “this incident did not compromise your master password.” As such, LastPass says that no action is required by users in regard to their password vaults.

LastPass tweeted confirmation of hacking incident

Davey Winder

Not their first rodeo

While LastPass should be congratulated for the transparency being displayed in response to this incident, it isn’t the first time that users of the password manager have had to deal with news of a breach. In June 2015, the company confirmed that hackers had accessed the network. Then, unlike now, users were prompted to change master passwords when logging in.

MORE FROM FORBESNew Gmail Attack Bypasses Passwords And 2FA To Read All EmailBy Davey Winder

Concerns over what LastPass technical information was stolen

It’s good news that customer data was not compromised in this latest incident, but the fact that the intruder accessed source code and ‘proprietary technical information’ is worrying. Especially as there are no further details regarding exactly what has been stolen.

This is a breaking and, therefore, still developing story. I will update this article as more information becomes known.

Stay connected with us on social media platform for instant update click here to join our T witter, & Facebook

We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.

For all the latest Technology News Click Here

Read original article here

Denial of responsibility! Rapidtelecast.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.