Legal Operations » Second Breach in Last Three Months for LastPass

Second Breach in Last Three Months for LastPass

internet-network-computer-security-vector-id1356945261 (1)

LastPass, a major password manager, has suffered its second breach in the past three months by the same unknown attackers. These threat actors breached LastPass’s third-party cloud storage service, shared by its affiliate “GoTo” and using information stolen during an August 2022 security incident. Once in, they accessed LastPass customer data. LastPass said that it hired security firm Mandiant to investigate and notified law enforcement of the attack. It did announce that customers’ passwords were not compromised and “remain safely encrypted due to LastPass’s Zero Knowledge architecture.” The company had confirmed in August that its developer environment was breached by a compromised developer account during a four-day period. In emails sent to customers at the time, LastPass confirmed the attackers had stolen source code and proprietary technical information from its systems. LastPass’s password management software is used by more than 33 million people and 100,000 businesses.

Get our free daily newsletter

Subscribe for the latest news and business legal developments.

Read this next

Top 100 Litigator Sues Blue Cross Over His Cancer Treatment

In 2018, Robert Salim, 67, realized he was seriously ill. After numerous […]

Eight States Now Require Pay Transparency in Job Postings

Financial Industry Suing to Foil New Regulations

New rules aimed at lenders, investment funds, and other financial entities would […]

Regulatory Burden Factors Into AI Decision

GC Must Warn Boards Of AI Risks

There are companies investing hundreds of millions of dollars or more into […]

Scroll to Top