LastPass CEO Karim Toubba revealed that the company’s password management firm has detected unusual activity with its third-party cloud storage. It has immediately an investigation to know how this issue took place. For this, the company has hired the security firm Mandiant and has alerted law enforcement officials. “We have determined that an unauthorized party, using information obtained in (a) August 2022 incident, was able to gain access to certain elements of our customers’ information,” “Our customers’ passwords remain safely encrypted due to LastPass’s Zero Knowledge architecture.”
GoTo & LastPass Hacked Once Again
However, Paddy Srinivasan, Chief Executive of GoTo had not mentioned an unauthorized party gaining access to some customers’ information. It only said that the company is investigating the security incident and are working on understanding the scope of the issue. “Based on the investigation to date, we have detected unusual activity within our development environment and third-party cloud storage service. The third-party cloud storage service is currently shared by both GoTo and its affiliate, LastPass.” He further added: “GoTo‘s products and services remain fully functional. As part of our efforts, we also continue to deploy enhanced security measures and monitoring capabilities across our infrastructure to help detect and prevent threat actor activity.” It is the second security incident that was disclosed by Lastpass this year. Even the information that was stolen during the initial incident was used in the latest incident. It seems in the coming days, the company will reveal that how many users were affected due to this attack. Also Read: MobileGo & LastPass | APP of the day | 4th April, 2017