LastPass stole decrypted vault and database backups

LastPass he announced on Monday that the same attacker breached an employee's home computer and obtained an encrypted vault available to only a few company developers.

lastpass password manager

Although the original on LastPass was supposed to have ended on August 12, officials said the hacker “actively engaged in a new series of identification, enumeration and exfiltration activities” from August 12 to August 26.

The unknown attacker was able to steal valid credentials from a senior DevOps engineer and obtain to the contents of a LastPass data vault. Among other things, the vault provided access to a shared cloud storage environment that contained the encryption keys for customer vault backups stored in Amazon S3 buckets.

“This was achieved by targeting an engineer's home computer and exploiting a vulnerable package third-party media, which enabled remote execution and allowed the attacker to implant keylogger", LastPass executives report. "The attacker was able to capture the employee's master password as he typed it, and gained access to the engineer's corporate LastPass vault."

The engineer whose computer was hacked was one of only four LastPass employees with access to the company vault. Once in possession of the decrypted vault, the attacker extracted the records, and the "decryption keys needed to access AWS S3 backups, other cloud-based storage resources and some relatively critical database backups."

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).