Image source: LastPass
LastPass had a recent security incident involving its source code and proprietary technical information.
CEO Karim Toubba revealed in a blog post that the company detected unusual activity within portions of the LastPass development environment two weeks ago. An immediate investigation was carried out and it is determined that no customer data or encrypted password vaults was accessed.
Toubba says an unauthorised party managed to gain access through a single compromised developer account. The unauthorised party stole some source code and proprietary LastPass technical information. In addition, LastPass has deployed containment and migitation measures, and hired a leading cybersecurity and forensics firm.
LastPass reiterates that no Master password, data within the vault and personal information of any user has been compromised. As the comopany utilises the industry standard Zero Knowledge architecture, only customers themselves have access to decrypt valut data.
Source: LastPass
Our articles may contain affiliate links. If you buy through these links, we may earn a small commission.