INCIDENT: Source Code, Proprietary Technical Info Stolen at LastPass, a Global Password Management Firm

Password management software firm LastPass, owned by GoTo (formerly LogMeIn), has suffered a data breach that led to the theft of source code and proprietary technical information. The firm said that the customer master passwords or any encrypted password vault data were not compromised. The latest hack comes on the heels of LastPass users being targeted with “credential stuffing” attacks that use email addresses and passwords obtained from third-party breaches.

Bleepingcomputer reported that security researchers Bob Diachenko said he recently found thousands of LastPass credentials while going through Redline Stealer malware logs. LastPass users are advised to enable multi-factor authentication to protect their accounts. BleepingComputer reports this as a developing story and has reached out with further questions about the attack.

Incident Date

August 12, 2022

Location

Estimated Cost

unknown

Victims

Type of Malware:

No Malware identified

Threat Source:

No threat source identified

References:

  • LastPass developer systems hacked to steal source code
  • LastPass Says Source Code Stolen in Data Breach

Industries:

Impacts

IT Privacy

Pin It on Pinterest

Scroll to Top