Back in December, the company issued a statement confirming that such data had been obtained by attackers and advising users to change their passwords. According to LastPass, the incident was caused by credentials stolen from a DevOps engineer.
According to a blog post (via Ars Technica), a coordinated attack in August 2022 allowed hackers to access and steal data from Amazon AWS cloud servers. More specifically, the server credentials were stolen from a DevOps engineer with access to the company’s cloud storage.
The attackers accessed servers containing LastPass customers’ backups and encrypted vault data. After the employee authenticated with MFA, the threat actor could capture the employee’s master password as it was entered and gain access to the DevOps engineer’s LastPass corporate vault.
If you use LastPass, the company strongly recommends that you change all of your passwords stored on the platform. Change the master password for the LastPass vault as well. LastPass claims the platform has over 30 million users and over 100,000 corporate clients.