Password management service LastPass confirmed a security incident that resulted in the theft of certain source code and technical information.

The security breach is said to have occurred two weeks ago, targeting its development environment. No customer data or encrypted passwords were accessed, although the company provided no further details regarding the hack and what source code was stolen.

LastPass is one of the largest password management companies in the world, claiming to be used by over 33 million people and 100,000 businesses.

However, LastPass stores passwords in 'encrypted vaults' that can only be decrypted using a customer's master password, which LastPass says was not compromised in this cyberattack.

LastPass suffered a credential stuffing attack that allowed threat actors to confirm a user's master password. It was also revealed that LastPass master passwords were stolen by threat actors distributing the RedLine password-stealing malware.

Due to this, it is vital to enable multi-factor authentication on your LastPass Accounts so that threat actors won't be able to access your account even if your password is compromised.

latest news

Contact us  951 380 5401

100% Job placement

Craw Security



Malware Analysis course in saket