LastPass has reported another data breach this week, its second incident in 2022. The details of the breach were shared by CEO Karun Toubba, who said the company is investigating the second compromise of the password manager.
Touba explained that the company was alerted to some unusual activity in its third-party cloud storage service. “We immediately launched an investigation, engaged Mandiant, a leading security firm, and alerted law enforcement,” Toubba said in a blog post on Wednesday.
Back in August, LastPass informed about the first breach, through which hackers were able to steal sensitive data and the company’s source code. Toubba mentioned that it is possible that the hackers might have used the information they got from the previous hack to gain access and steal information from its customers. He did not elaborate on what details could have been possibly accessed. The company is working to understand the scope of the incident, as Toubba explains.
However, he has assured customers that none of the passwords has been exposed in this breach, claiming that LastPass’s zero knowledge tech keeps them secure behind strong encryption.
As he mentioned last time, Toubba said that the master password has not been exposed, and LastPass doesn’t have access to the password vault, which could put it at risk when incidents like these happen.
Password managers have become an essential tool in this day and age, where remembering all the passwords for your digital accounts can be a nightmare. Also, since most people use simple passwords, these managers allow them to have special characters and alphanumeric login codes that are hard to crack.
LastPass, which counts more than 25 million users, works by aggregating the hundreds of passwords consumers and corporate users need to log into their social media accounts, business networks, online retailers and more.
Read all the Latest Tech News here