LastPass Hacked for Second Time This Year

Password management app LastPass says it is investigating a security incident after an "unauthorized party" compromised its systems on Wednesday and gained access to some customer information.

The information was stored in a third-party cloud service shared by LastPass and parent company GoTo, said LastPass CEO Karim Toubba in a blog post. Toubba said the hackers used information stolen from LastPass' systems in a separate previously disclosed incident that occurred in August of this year. Toubba added in the blog post that "customers' passwords remain safely encrypted."

We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo. We immediately launched an investigation, engaged Mandiant, a leading security firm, and alerted law enforcement.

We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers' information. Our customers' passwords remain safely encrypted due to LastPass’s Zero Knowledge architecture.

According to a blog post dated August 22, the previous incident saw a threat actor gain access to the LastPass Development environment using a developer's compromised endpoint to steal source code and some proprietary LastPass technical information. LastPass said at the time that its systems "prevented the threat actor from accessing any customer data or encrypted password vaults."

LastPass is currently working to understand the scope of Wednesday's incident and identify what specific information has been accessed. GoTo, formerly LogMeIn, said it was also investigating the incident, although it did not explain whether GoTo users were also impacted by the hack. In the meantime, LastPass products and services remain "fully functional," said Toubba.

Top Rated Comments

willzyx Avatar
8 weeks ago

Why would you not use the built in password manager and instead willingly pay to use another, less secure, manager?
Because 3rd party password managers (1password, keeper, bitwarden) offer a lot more flexibility and security than Apple's built-in manager. Apple's version is good enough for basic functions, anything more and a dedicated manager is far more advanced. Everyone knows that LastPass is trash and has always been trash.
Score: 31 Votes (Like | Disagree)
Abazigal Avatar
8 weeks ago

Why would you not use the built in password manager and instead willingly pay to use another, less secure, manager?
It’s a pain to retrieve passwords when you want to key them into a non-Apple device. For example, when I went to log in to an account on my windows work laptop, I can view said password via the 1Password app on my Apple Watch. It’s also much easier to generate / change passwords in the 1Password app. iCloud Keychain really needs its own standalone manager app, rather than being hidden in the settings app.
Score: 30 Votes (Like | Disagree)
djcerla Avatar
8 weeks ago
… but this time it’s the LastTime!
Score: 29 Votes (Like | Disagree)
ProfessionalFan Avatar
8 weeks ago
I switched all my passwords to iCloud passwords. Not only does it work more seamlessly as an Apple ecosystem member, but it feels more secure.
Score: 25 Votes (Like | Disagree)
Poleri Avatar
8 weeks ago
This is why I use BitWarden for years. :cool:
Score: 21 Votes (Like | Disagree)
TriBruin Avatar
8 weeks ago

That used to be true but now that they added 2FA and notes there isn’t much of a difference and, in Apple slickness, the 2FA integration is one tap seamless. The only reason I use BitWarden as well is for redundancy. I would like to see categories added, I do like that in BW.
Not much difference? If so, where can I get these features using iCloud:

* Multiple vaults so I can separate personal from work passwords?
* Ability to give family members access to certain passwords (like streaming services) while keeping other passwords only to myself
* Ability to store sensitive documents, along with personal information (Drivers License numbers, SSNs, etc.)
* Ability to fill MORE than just user name and password fields (At, I have to enter my number and last name to log in.)
* Ability to recognize when a site uses SSO via Apple, Google, GitHub, etc. and remember that setting so the next time I go to that site it takes me direcly to the correct SSO login?
* Save my SSH keys so I don't have to manually copy them to each computer I use?

If you have basic needs, sure iCloud works. But, the best Password managers do SO much more. People need to stop saying that Apple is "almost the same". They are not even in the same ballpark.
Score: 19 Votes (Like | Disagree)

Popular Stories

iphone 15 pro wifi 6e

Internal Apple Document From Leaker 'Unknownz21' Confirms Wi-Fi 6E Will Be Limited to iPhone 15 Pro Models

Friday January 27, 2023 10:01 am PST by
Multiple rumors have suggested that the next-generation iPhone 15 models will adopt the Wi-Fi 6E standard that Apple has already introduced in the iPad Pro and MacBook Pro, and now a leaked document appears to confirm Apple's plans. Sourced from researcher and Apple leaker Unknownz21 (@URedditor), the document features diagrams of the iPhone 15's antenna architecture. D8x refers to the...
iPhone 14 Pro Purple Side Perspective Feature Purple

iPhone 15 Pro Rumored to Have These 8 Features

Friday January 27, 2023 2:11 pm PST by
Apple's next-generation iPhone 15 Pro and iPhone 15 Pro Max are expected to be announced in September as usual. Already, rumors suggest the devices will have at least eight exclusive features not available on the standard iPhone 15 and iPhone 15 Plus. An overview of the eight features rumored to be exclusive to iPhone 15 Pro models:A17 chip: iPhone 15 Pro models will be equipped with an A17...
top stories 28jan2023

Top Stories: iOS 16.3 Released, iPhone 15 Pro Rumors, macOS Tips and Tricks, and More

Saturday January 28, 2023 6:00 am PST by
Following last week's hardware announcements, this week saw the actual release of several of the new products as well as operating system updates bringing new features and bug fixes across Apple's platforms. This week also saw some fresh rumors about the iPhone 15 lineup and Apple's upcoming AR/VR headset, while we shared some tips to help you get the most of your macOS experience, so read...
Multi Display CarPlay 1

Apple Launching All-New CarPlay Experience Later This Year With These 5 Features

Sunday January 29, 2023 10:15 am PST by
In June 2022, Apple previewed the next generation of CarPlay, promising deeper integration with vehicle functions like A/C and FM radio, support for multiple displays across the dashboard, personalization options, and more. Apple says the first vehicles with support for the next-generation CarPlay experience will be announced in late 2023, with committed automakers including Acura, Audi,...

Hands-On With the New M2 Max MacBook Pro

Thursday January 26, 2023 12:14 pm PST by
New 14-inch and 16-inch MacBook Pro models with the latest M2 Pro and M2 Max chips are available in Apple retail stores and are already in the hands of customers, and we picked up one of the new M2 Max machines to answer all of the questions MacRumors readers considering a purchase might have. Subscribe to the MacRumors YouTube channel for more videos. Yesterday, we asked MacRumors fans on...
iPhone 15 General Mock Feature

Kuo: iPhone 15 Models to Adopt Wi-Fi 6E

Thursday January 26, 2023 5:09 pm PST by
The upcoming iPhone 15 models that are set to be introduced later in 2023 will adopt the Wi-Fi 6E standard, according to Apple analyst Ming-Chi Kuo. In a note about Apple's work on a Wi-Fi chip, Kuo said that the company will upgrade the iPhone 15 to Wi-Fi 6E. Apple is already using Wi-Fi 6E for the 11 and 12.9-inch iPad Pro models introduced last year, along with the new Mac mini and...
iPhone 14 Pro Purple Side Perspective Feature Purple

iPhone 15 Expected to Feature Wi-Fi 6E Like Latest Macs and iPad Pro

Wednesday January 25, 2023 5:39 pm PST by
The iPhone 15 will support Wi-Fi 6E, according to a research note shared this week by Barclays analysts Blayne Curtis and Tom O'Malley. The analysts did not specify whether the feature will be available on all models or limited to the Pro models. Apple has added Wi-Fi 6E support to a handful of devices so far, including the latest 11-inch and 12.9-inch iPad Pro, 14-inch and 16-inch MacBook...