Blog

August 29, 2022

LastPass Has Been Hacked

Written By Securafy Team

Using different passwords on every website and storing them in a secure password manager is a standard best practice in data security. It's generally good advice, but what happens when the makers of password vaults get hacked?

That's what the more than twenty-five million users of LastPass are now finding out. LastPass is one of the largest password vaults in the world, and unfortunately, that makes it a tempting target for hackers everywhere. On August 25, 2022, LastPass' CEO Karim Toubba announced that "an unauthorized third party had stolen portions of the source code and some proprietary LastPass technical information."

The breach appears to have been confined to the company's development servers when a developer's account was compromised. The good news for LastPass customers takes two forms. First is that the development servers did not contain any customer data. Second, LastPass employs "zero knowledge" architecture, meaning that even though it stores your passwords, no one can access your information without your master password.

LastPass stated that the breach had no effect on the master passwords of its users and said that there is no evidence of any more criminal activity. Therefore, there is currently no action that is necessary from those who use their service.

While an investigation into the incident continues, the company said that it has installed new preventative measures and that it has retained the assistance of an industry-leading cybersecurity and forensics firm.

 

Picture of Securafy Team
About The Author
Our team at Securafy brings you the best tech tips, from how-to guides and troubleshooting advice to software reviews and productivity hacks. We're all about empowering businesses with the tools and knowledge they need to thrive in the digital world. Follow our posts to stay equipped with practical insights that make tech work for you.

Subscribe to our newsletter

Sign up for our FREE "Cyber Security Tip of the Week!" and always stay one step ahead of hackers and cyber-attacks.