LastPass, the popular password manager for online users, has just been breached. The company says that user data was accessed and some passwords were stolen. The breach is not as serious as it could be, as LastPass only stores user data on servers in the United States. However, it is still a security issue that should be taken care of. LastPass is a popular password manager and should be used with caution.
As detailed by LastPass, an unauthorized third party gained access to the developer environment through a compromised developer account. While some proprietary source code and other proprietary info was stolen, LastPass has clarified that no sensitive user info, such as master passwords, encrypted account passwords, or account information, was taken by the attacker.
An investigation is underway to determine the size and scope of the breach, but in the meantime, Karim Toubba, LastPass’ CEO, is reassuring users that the breach didn’t affect any sensitive info or passwords. Likewise, he’s not recommending users take any action on their accounts for now.
LastPass said in a blog post, “in response to the incident, we have deployed containment and mitigation measures, and engaged a leading cybersecurity and forensics firm. While our investigation is ongoing, we have achieved a state of containment, implemented additional enhanced security measures, and see no further evidence of unauthorized activity.”
It seems like everything and everyone is being breached these days. Plex also recently suffered a breach that saw the account data of many users compromised. And while all breaches are bad, for this specific one, your passwords aren’t in danger as of now.
Source: LastPass