Τον Αύγουστο, η εταιρεία διαχείρισης κωδικών πρόσβασης LastPass confirmed that there was a breach in a dev environment. This resulted in some snippets of the company's code and proprietary technical documentation being stolen, while customer data remained secure.
However, the company suffered yet another breach, and this time hackers gained access to customer data.
In an update in his initial notification of the security incidents, LastPass CEO Karim Toubba revealed that the company detected unusual activity at a third-party cloud storage service provider used by both LastPass and its subsidiary GoTo.
So the company launched an investigation into the whole matter, while also working with cybersecurity firm Mandiant and alerting law enforcement. So far, it has determined that a hacker used information from the August breach to gain access to "certain elements" of customer data in the shared cloud. However, customer passwords remain encrypted and secure.
It should be noted here that this is an ongoing investigation and no one knows what really happened. For now LastPass customers have been advised to follow the practices listed here.
Αν σκέφτεστε να αλλάξετε password manager χρησιμοποιήστε τον open source Keepass, which stores your information, encrypted, locally and not in the cloud.