LastPass Hacked for Second Time This Year
Password management app LastPass says it is investigating a security incident after an "unauthorized party" compromised its systems on Wednesday and gained access to some customer information.
The information was stored in a third-party cloud service shared by LastPass and parent company GoTo, said LastPass CEO Karim Toubba in a blog post. Toubba said the hackers used information stolen from LastPass' systems in a separate previously disclosed incident that occurred in August of this year. Toubba added in the blog post that "customers' passwords remain safely encrypted."
We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo. We immediately launched an investigation, engaged Mandiant, a leading security firm, and alerted law enforcement.
We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers' information. Our customers' passwords remain safely encrypted due to LastPass’s Zero Knowledge architecture.
According to a blog post dated August 22, the previous incident saw a threat actor gain access to the LastPass Development environment using a developer's compromised endpoint to steal source code and some proprietary LastPass technical information. LastPass said at the time that its systems "prevented the threat actor from accessing any customer data or encrypted password vaults."
LastPass is currently working to understand the scope of Wednesday's incident and identify what specific information has been accessed. GoTo, formerly LogMeIn, said it was also investigating the incident, although it did not explain whether GoTo users were also impacted by the hack. In the meantime, LastPass products and services remain "fully functional," said Toubba.
Popular Stories
In June 2022, Apple previewed the next generation of CarPlay, promising deeper integration with vehicle functions like A/C and FM radio, support for multiple displays across the dashboard, personalization options, and more.
Apple says the first vehicles with support for the next-generation CarPlay experience will be announced in late 2023, with committed automakers including Acura, Audi,...
Multiple rumors have suggested that the next-generation iPhone 15 models will adopt the Wi-Fi 6E standard that Apple has already introduced in the iPad Pro and MacBook Pro, and now a leaked document appears to confirm Apple's plans.
Sourced from researcher and Apple leaker Unknownz21 (@URedditor), the document features diagrams of the iPhone 15's antenna architecture. D8x refers to the...
Apple's next-generation iPhone 15 Pro and iPhone 15 Pro Max are expected to be announced in September as usual. Already, rumors suggest the devices will have at least eight exclusive features not available on the standard iPhone 15 and iPhone 15 Plus.
An overview of the eight features rumored to be exclusive to iPhone 15 Pro models:A17 chip: iPhone 15 Pro models will be equipped with an A17...
Following last week's hardware announcements, this week saw the actual release of several of the new products as well as operating system updates bringing new features and bug fixes across Apple's platforms.
This week also saw some fresh rumors about the iPhone 15 lineup and Apple's upcoming AR/VR headset, while we shared some tips to help you get the most of your macOS experience, so read...
Apple will launch a foldable iPad with a carbon fiber kickstand sometime next year, according to analyst Ming-Chi Kuo.
In a series of tweets, Kuo said he expects an "all-new design foldable iPad" to be the next big product launch in the iPad lineup, with no other major iPad releases in the next nine to 12 months. The analyst said he was "positive" that the foldable device would arrive in...
As we near the end of January, this week we saw a collection of deals on Apple's iPad Pro, iMac, and the 2021 MacBook Pro. Additionally, we're tracking new sales on TVs and memory accessories from Samsung.
Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.
Samsung...
Top Rated Comments
* Multiple vaults so I can separate personal from work passwords?
* Ability to give family members access to certain passwords (like streaming services) while keeping other passwords only to myself
* Ability to store sensitive documents, along with personal information (Drivers License numbers, SSNs, etc.)
* Ability to fill MORE than just user name and password fields (At aa.com, I have to enter my number and last name to log in.)
* Ability to recognize when a site uses SSO via Apple, Google, GitHub, etc. and remember that setting so the next time I go to that site it takes me direcly to the correct SSO login?
* Save my SSH keys so I don't have to manually copy them to each computer I use?
If you have basic needs, sure iCloud works. But, the best Password managers do SO much more. People need to stop saying that Apple is "almost the same". They are not even in the same ballpark.