LastPass and GoTo report possible cyberattack
Shared cloud storage service accessed and breached
Leading password manager LastPass and its affiliate, communications software provider GoTo, have revealed they suffered a breach of their cloud storage infrastructure following a cyberattack in August 2022.
In an update regarding the ongoing incident, the company admits that it has recently detected “unusual activity” within a third-party cloud storage service used by both LastPass and GoTo.
The results of LastPass' investigation, signed by LastPass CEO Karim Toubba and involving security experts from Mandiant, showed that someone used the credentials leaked in the incident to gain access to “certain elements” of LastPass’ customer information.
Passwords are safe
Toubba did not go into further details about the type of data that was accessed, but he did say that the user passwords were untouched.
“Our customers’ passwords remain safely encrypted due to LastPass’s Zero Knowledge architecture,” he said.
“While our investigation is ongoing, we have achieved a state of containment, implemented additional enhanced security measures, and see no further evidence of unauthorized activity.”
By virtue of being one of the most popular business password managers and generators out there, with over 100,000 businesses relying on it daily, LastPass is no stranger to data breaches committed by cybercriminals.
TechRadar Pro has previously reported that the company confirmed in late September 2022 that the threat actor responsible for the original breach in August lurked for days in its network before being ousted.
However, the threat actor did not manage to access internal customer data or encrypted password vaults at the time. LastPass claims that the latest development has not changed that, owing to its Zero Knowledge architecture.
“Although the threat actor was able to access the Development environment, our system design and controls prevented the threat actor from accessing any customer data or encrypted password vaults,” Toubba said at the time.
The attacker was apparently able to access the company’s Development environment through a developer’s compromised endpoint.
Although the investigation and forensics did not manage to determine the exact method used for the initial endpoint compromise, Toubba did say the attackers utilized their persistent access to impersonate the developer after successfully authenticating with multi-factor authentication.
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.