LastPass hacked, key portions of internal code were pilfered, according to CEO's statement
LastPass, a popular password manager used by over 33 million registered users and more than 100,000 business customers, has experienced a breach. According to a statement made by Karim Toubba, the CEO of LastPass, the breach occurred in the company's development environment.
The statement indicates that containment and mitigation measures were swiftly deployed after the breach, and containment has since been achieved. No customer data or encrypted vaults were accessed during the breach, ensuring the safety of user information.
An authorized actor was able to access portions of LastPass's source code and some proprietary technical information. However, no new details about the actor or the breach's origin have been disclosed.
In response to the breach, LastPass has engaged a leading cybersecurity and forensics firm to help determine what happened during the incident. Enhanced security measures have also been implemented to further protect the system.
The investigation into the breach is ongoing, and the company is currently evaluating further mitigation measures to ensure the continued security of its users' data. No further evidence of unauthorized activity has been found, and the company is taking steps to address the breach.
Toubba reassured users in the statement that LastPass remains committed to maintaining the highest level of security for its users. He also encouraged users to enable multi-factor authentication and use strong, unique passwords for their LastPass accounts.
Despite the breach, LastPass remains a crucial tool for many individuals and businesses in managing their passwords securely. The company's swift response and ongoing efforts to address the breach should provide some reassurance to its users. The authorized actor who attacked LastPass systems and stole parts of the source code files and proprietary technical information has not been publicly identified in the available search results.
