Technology
Technical information: LastPass flags security incident after attackers stole source code
Users’ master passwords are safe, thanks to company’s ‘zero knowledge’ architecture.
LastPass has alerted users to a security incident after an unauthorized party gained access to the company’s internal network.
In a statement issued on (August 25), LastPass CEO Karim Toubba said “unusual activity” was detected within portions of the software firm’s production environment.
A subsequent investigation revealed that attackers had gained access through a compromised developer account and “took portions of source code and some proprietary LastPass technical information”.
LastPass was quick to note that users’ master passwords were not compromised as part of this attack, due to the company’s ‘zero knowledge’ architecture.
“Our investigation has shown no evidence of any unauthorized access to encrypted vault data,” the company added. “Our zero knowledge model ensures that only the customer has access to decrypt vault data.”
Mitigation measures
In response to the incident, LastPass said it has deployed “containment and mitigation” measures and engaged a cybersecurity and forensics firm.
“While our investigation is ongoing, we have achieved a state of containment, implemented additional enhanced security measures, and see no further evidence of unauthorized activity,” Toubba said.
“At this time, we don’t recommend any action on behalf of our users or administrators.”
-
Technology2 years ago
VoIP Number: Everything You Need To Know
-
Music2 weeks ago
[Music] Gnash Ft Olivia O’Brien – I Hate you, I Love you
-
Music1 week ago
[INSTRUMENTAL] John Legend – All Of Me
-
Music2 weeks ago
Alan Walker – Faded [INSTRUMENTAL]
-
Music1 week ago
[Video] 21 Savage ft. Offset & Metro Boomin – Rap Saved Me
-
Music2 weeks ago
[Instrumental] Wiz Khalifa – See You Again ft. Charlie Puth
-
ANE Stories3 months ago
[STORY] AMAKA THE LESBIAN (Complete Episodes)
-
Music2 weeks ago
[Music] Akon – Sorry Blame It On Me