LastPass

Cybersecurity incident at LastPass. Should you worry?

This morning, LastPass just announced a security incident:

I want to inform you of a development that we feel is important for us to share with our LastPass business and consumer community.  

Two weeks ago, we detected some unusual activity within portions of the LastPass development environment. After initiating an immediate investigation, we have seen no evidence that this incident involved any access to customer data or encrypted password vaults.  

We have determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information. Our products and services are operating normally. 

In response to the incident, we have deployed containment and mitigation measures, and engaged a leading cybersecurity and forensics firm. While our investigation is ongoing, we have achieved a state of containment, implemented additional enhanced security measures, and see no further evidence of unauthorized activity.  

Based on what we have learned and implemented, we are evaluating further mitigation techniques to strengthen our environment. We have included a brief FAQ below of what we anticipate will be the most pressing initial questions and concerns from you. We will continue to update you with the transparency you deserve.  

Thank you for your patience, understanding and support.  

LastPass has just suffered a cybersecurity incident. What are the risks? Should you worry?


Exclusive Content

To read the rest of this exclusive content, you need to sign up for a membership plan here for only $1.49/MONTH.

If you are already a member, please sign in here.



Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

FREE: Top 10 Things You Must Do to Avoid Getting Hacked

Subscribe to our Cybersecurity News, Insights & Updates to get this FREE guide on how to avoid getting hacked!

* indicates required