“The trend of repeated hacks, where the company fails to eliminate the consequences of the breach for months, is frustrating.” “Since the company claims that the current hack is based on data compromised in the previous hack, this raises the question: Why did they not learn from the earlier hack and correct the root cause?” Mike Walters, VP of vulnerability and threat research at Action1, told Spiceworks. What the threat actors obtained in the previously compromised data to breach LastPass again is unknown.
#Customer fallout after lastpass breach code
The August 2022 breach, wherein the hackers had access to LastPass accounts for four days, compromised the source code and some proprietary technical information. Toubba didn’t talk about the type of information that was compromised but assured that the passwords of more than 33 million company users and more than 100,000 business accounts remain unaffected.
In a blog post, LastPass CEO Karim Toubba said the still unknown threat actors accessed “certain elements” of the password manager’s customer information. The recent breach came to light after the company noticed unusual activity in a third-party cloud storage service it shares with GoTo, its parent company. On Wednesday, LastPass confirmed it was breached, a fallout of the August 2022 incident wherein portions of source code and some proprietary LastPass technical information were compromised.
0 kommentar(er)
