LastPass Hacked for Second Time This Year

by

Password management app LastPass says it is investigating a security incident after an "unauthorized party" compromised its systems on Wednesday and gained access to some customer information.

lastpass
The information was stored in a third-party cloud service shared by LastPass and parent company GoTo, said LastPass CEO Karim Toubba in a blog post. Toubba said the hackers used information stolen from LastPass' systems in a separate previously disclosed incident that occurred in August of this year. Toubba added in the blog post that "customers' passwords remain safely encrypted."

We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo. We immediately launched an investigation, engaged Mandiant, a leading security firm, and alerted law enforcement.

We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers' information. Our customers' passwords remain safely encrypted due to LastPass’s Zero Knowledge architecture.

According to a blog post dated August 22, the previous incident saw a threat actor gain access to the LastPass Development environment using a developer's compromised endpoint to steal source code and some proprietary LastPass technical information. LastPass said at the time that its systems "prevented the threat actor from accessing any customer data or encrypted password vaults."

LastPass is currently working to understand the scope of Wednesday's incident and identify what specific information has been accessed. GoTo, formerly LogMeIn, said it was also investigating the incident, although it did not explain whether GoTo users were also impacted by the hack. In the meantime, LastPass products and services remain "fully functional," said Toubba.

Tags: LastPass, Security

Popular Stories

maxresdefault

Where's the New Apple TV?

Monday December 22, 2025 11:30 am PST by
Apple hasn't updated the Apple TV 4K since 2022, and 2025 was supposed to be the year that we got a refresh. There were rumors suggesting Apple would release the new Apple TV before the end of 2025, but it looks like that's not going to happen now. Subscribe to the MacRumors YouTube channel for more videos. Bloomberg's Mark Gurman said several times across 2024 and 2025 that Apple would...
Read Full Article184 comments
Apple Wallet ID Illinois

Apple Plans to Expand iPhone Driver's Licenses to These 7 U.S. States

Wednesday December 24, 2025 8:40 am PST by
In select U.S. states, residents can add their driver's license or state ID to the Apple Wallet app on the iPhone and Apple Watch, and then use it to display proof of identity or age at select airports and businesses, and in select apps. The feature is currently available in 13 U.S. states and Puerto Rico, and it is expected to launch in at least seven more in the future. To set up the...
Read Full Article71 comments
iPhone Top Left Hole Punch Face ID Feature Purple

iPhone 18 Pro Launching Next Year With These 12 New Features

Tuesday December 23, 2025 8:36 am PST by
While the iPhone 18 Pro and iPhone 18 Pro Max are not expected to launch for another nine months, there are already plenty of rumors about the devices. Below, we have recapped 12 features rumored for the iPhone 18 Pro models. The same overall design is expected, with 6.3-inch and 6.9-inch display sizes, and a "plateau" housing three rear cameras Under-screen Face ID Front camera in...
Read Full Article100 comments
iOS 26

iOS 26.2 Adds These 8 New Features to Your iPhone

Monday December 22, 2025 8:47 am PST by
Earlier this month, Apple released iOS 26.2, following more than a month of beta testing. It is a big update, with many new features and changes for iPhones. iOS 26.2 adds a Liquid Glass slider for the Lock Screen's clock, offline lyrics in Apple Music, and more. Below, we have highlighted a total of eight new features. Liquid Glass Slider on Lock Screen A new slider in the Lock...
Read Full Article
airpods color prototypes

Apple Tested AirPods in Bright Colors

Saturday December 27, 2025 6:06 am PST by
Apple reportedly tested a version of the first-generation AirPods with bright, iPhone 5c-like colored charging cases. The images, shared by the Apple leaker and prototype collector known as "Kosutami," claim to show first-generation AirPods prototypes with pink and yellow exterior casings. The interior of the charging case and the earbuds themselves remain white. They seem close to some...
Read Full Article81 comments
maxresdefault

10 Mac Apps Worth Trying in 2026

Wednesday December 24, 2025 9:27 am PST by
2026 is almost upon us, and a new year is a good time to try out some new apps. We've rounded up 10 excellent Mac apps that are worth checking out. Subscribe to the MacRumors YouTube channel for more videos. Alt-Tab (Free) - Alt-Tab brings a Windows-style alt + tab thumbnail preview option to the Mac. You can see a full window preview of open apps and app windows. One Thing (Free) -...
Read Full Article101 comments
top stories 2025 12 27

Top Stories: iPhone Fold Mockup, Where's the New Apple TV?, and More

Saturday December 27, 2025 6:00 am PST by
Merry Christmas and Happy Holidays from MacRumors! News in the Apple world has unsurprisingly been relatively slow over the past week, but Apple's upcoming foldable iPhone managed to make its way back into the news, while we also shared updates on current and future Apple TV news. iOS 26.3 will be bringing some new features, particularly for users in the EU, so we'll look for additional...
Read Full Article17 comments

Top Rated Comments

willzyx Avatar
willzyx
40 months ago

Why would you not use the built in password manager and instead willingly pay to use another, less secure, manager?
Because 3rd party password managers (1password, keeper, bitwarden) offer a lot more flexibility and security than Apple's built-in manager. Apple's version is good enough for basic functions, anything more and a dedicated manager is far more advanced. Everyone knows that LastPass is trash and has always been trash.
Score: 32 Votes (Like | Disagree)
Abazigal Avatar
Abazigal
40 months ago

Why would you not use the built in password manager and instead willingly pay to use another, less secure, manager?
It’s a pain to retrieve passwords when you want to key them into a non-Apple device. For example, when I went to log in to an account on my windows work laptop, I can view said password via the 1Password app on my Apple Watch. It’s also much easier to generate / change passwords in the 1Password app. iCloud Keychain really needs its own standalone manager app, rather than being hidden in the settings app.
Score: 30 Votes (Like | Disagree)
djcerla Avatar
djcerla
40 months ago
… but this time it’s the LastTime!
Score: 29 Votes (Like | Disagree)
ProfessionalFan Avatar
ProfessionalFan
40 months ago
I switched all my passwords to iCloud passwords. Not only does it work more seamlessly as an Apple ecosystem member, but it feels more secure.
Score: 25 Votes (Like | Disagree)
Poleri Avatar
Poleri
40 months ago
This is why I use BitWarden for years. :cool:
Score: 21 Votes (Like | Disagree)
TriBruin Avatar
TriBruin
40 months ago

That used to be true but now that they added 2FA and notes there isn’t much of a difference and, in Apple slickness, the 2FA integration is one tap seamless. The only reason I use BitWarden as well is for redundancy. I would like to see categories added, I do like that in BW.
Not much difference? If so, where can I get these features using iCloud:


* Multiple vaults so I can separate personal from work passwords?
* Ability to give family members access to certain passwords (like streaming services) while keeping other passwords only to myself
* Ability to store sensitive documents, along with personal information (Drivers License numbers, SSNs, etc.)
* Ability to fill MORE than just user name and password fields (At aa.com, I have to enter my number and last name to log in.)
* Ability to recognize when a site uses SSO via Apple, Google, GitHub, etc. and remember that setting so the next time I go to that site it takes me direcly to the correct SSO login?
* Save my SSH keys so I don't have to manually copy them to each computer I use?

If you have basic needs, sure iCloud works. But, the best Password managers do SO much more. People need to stop saying that Apple is "almost the same". They are not even in the same ballpark.
Score: 19 Votes (Like | Disagree)
Read All Comments