LastPass, a popular password management service, suffered a data breach that resulted in threat actors gaining unauthorized access to a certain number of customer information.
The data breach targeting LastPass and its subsidiary, GoTo, is known to have been carried out using information obtained in the August 2022 security breach. There are no details about the breach, but the statement made by LastPass officials stated that the unauthorized parties only gained access to some aspects of the customers with the said data breach attempt.
LastPass has launched a comprehensive investigation into the breach through the well-known security firm Mandiant and law enforcement. LastPass reported that its Zero-Knowledge architecture securely encrypts and stores customers’ passwords and that LastPass products and services continue to be available. Therefore, there is no action for customers to take.