Source Code, Proprietary Technical Info Stolen at LastPass, a Global Password Management Firm

August 30, 2022

INCIDENT

Password management software firm LastPass, owned by GoTo (formerly LogMeIn), has suffered a data breach that led to the theft of source code and proprietary technical information. The firm said that the customer master passwords or any encrypted password vault data were not compromised. The latest hack comes on the heels of LastPass users being targeted with “credential stuffing” attacks that use email addresses and passwords obtained from third-party breaches.

Bleepingcomputer reported that security researchers Bob Diachenko said he recently found thousands of LastPass credentials while going through Redline Stealer malware logs. LastPass users are advised to enable multi-factor authentication to protect their accounts. BleepingComputer reports this as a developing story and has reached out with further questions about the attack.

Incident Date

August 12, 2022

Location

Estimated Cost

unknown

Victims

Type of Malware

No Malware identified

Threat Source

No threat source identified