It writes that although the initial breach ended on August 12, the hacker "was actively engaged in a new series of reconnaissance, enumeration, and exfiltration activity" from August 12 to August 26. LastPass revealed more details of the second incident yesterday. Customer passwords remain safely encrypted due to LastPass's Zero Knowledge architecture. We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate GoTo. This was achieved using information acquired from the previous hack on LastPass in August. It was determined that the hacker was able to gain access to "certain elements" of customers' data. In December, LastPass said it had detected unusual activity within an AWS cloud storage service that the organization and GoTo, the company formerly known as LogMeIn that acquired LastPass in 2021, share. The company confirmed that the incident stemmed from a previous hack in August that enabled the hacker to steal credentials from a DevOps engineer's home computer and obtain a decrypted vault. In brief: Password manager LastPass has revealed details of a breach last year that resulted in partially encrypted user login data being stolen.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |