Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.
LastPass data breach overview:
- Who: Password management company LastPass has been hacked.
- Why: A developer account was compromised, leading to portions of source code and technical information being stolen.
- Where: LastPass is headquartered in the United States.
Password management company LastPass has been hacked, with portions of source code and technical information stolen in the data breach, the company has announced.
On Aug. 25, the company issued a press release stating it detected some unusual activity within the LastPass development environment two weeks ago.
After initiating an investigation, the company found an unauthorized party had gained access to parts of the LastPass development environment through a single compromised developer account.
The party had taken pieces of source code and some proprietary LastPass technical information.
“We have seen no evidence that this incident involved any access to customer data or encrypted password vaults,” the company told customers.
It said its products and services are operating normally in wake of the data breach.
LastPass assures customers that passwords are safe
In response to the security breach incident, LastPass said it has deployed “containment and mitigation measures,” and engaged a cybersecurity and forensics firm.
“While our investigation is ongoing, we have achieved a state of containment, implemented additional enhanced security measures, and see no further evidence of unauthorized activity,” it said.
The company assured customers the incident did not compromise anyone’s master password.
“We never store or have knowledge of your Master Password,” it said.
Additionally, no data within customer vaults has been compromised, the company said. It clarified the incident happened within the development environment, and its investigation has shown no evidence of any unauthorized access to encrypted vault data.
LastPass said it doesn’t recommend any action on behalf of its users at this time and will keep customers up to date with developments.
The company is not currently facing legal action over the security breach, but Top Class Actions follows security breaches closely as they sometimes lead to class action lawsuits.
Earlier this month, a settlement was reached between online retail giant cbdMD Inc. and customers who claim the company’s negligence resulted in two data breaches of its website in spring 2020.
Data breaches have become increasingly expensive and irritating to organizations all over the world, according to a new IBM study.
The average cost to clean up the mess of a data breach has reached an all-time high of $4.35 million, an increase of 13% from two years ago.
What do you think of the LastPass data breach? Let us know your thoughts in the comments.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
13 thoughts onLastPass data breach leads to theft of source code, proprietary technical information
add me. had last pass since 2017
I’ve been a long time user of LastPass, I want to be included as well!