Like LastPass, the company has assured customers that its products and services are fully functional despite the breach. In an announcement of its own, remote work and collaboration tools provider GoTo has admitted that bad actors gained entry into its development environment. While the unauthorized party was able to access some user information this time, LastPass said customers' passwords remain safely encrypted. Apparently, the hacker's access was limited to the service's development environment. The hacker was able to steal some of the password manager's source code and technical information, but LastPass said customers' data and encrypted password vaults remained untouched. If you'll recall, LastPass was hacked back in August, and Toubba admitted after an investigation that the unauthorized party had internal access to its systems for four days. Further, they've discovered that the bad actor was able to access "certain elements" of its customers' information. Together, they've determined that the unauthorized party got into LastPass' cloud service by using information obtained from the security breach it suffered in August this year. To investigate the incident, LastPass has teamed up with security firm Mandiant.
Toubba said the company detected an unusual activity within a third-party cloud storage service that it shares with its parent company GoTo, which was formerly known as LogMeIn. LastPass CEO Karim Toubba has revealed that the password manager has been breached again.
0 kommentar(er)
