Another data breach has occurred this year as a direct result of the master password vault known as “LastPass.” According to LastPass, unidentified attackers penetrated the company’s cloud storage and used information that was obtained in a prior security incident that occurred in August 2022.
According to what is said in the weblog, LastPass
Recently, we were able to identify some peculiar behavior taking place inside of a third-party cloud storage service that is now used by both LastPass and its affiliated company, GoTo.
Additionally, the business disclosed that an unauthorized third party had gotten access to some components of the information belonging to consumers, utilizing information collected from the event that occurred in August of 2022.
This was the second security breach that LastPass has revealed in this calendar year. Earlier in the month, the firm announced a security incident that occurred in the month of August. In this event, an attacker gained access to the development environment and took “certain sensitive LastPass technical knowledge,” in addition to a portion of the source code.
Additionally, at that time, LastPass collaborated with Mandiant, and the research found that the activities of the threat actor was confined to a period of just four days in August 2022. During this period of time, the security team at LastPass identified the actions of the threat actor and then stopped the event from spreading further.
Multiple users of LastPass have stated that their accounts were the target of failed login attempts in the previous year, with the right master passwords being used. People immediately began receiving emails from LastPass informing them that the right master passwords were used, but that the attempts were still denied due to the unique geographic location.
In the year 2015, LastPass also disclosed a security breach in which account email addresses, password reminders, server per user salts, and authentication hashes were stolen or otherwise made available to unauthorized parties.
In addition to this, the widely used cloud-based remote work application GoTo (formerly known as LogMeIn) reported the data breach event as well.
According to a statement released by LastPass, the company has contacted law enforcement and enlisted the help of a reputable security firm known as Mandiant to examine the issue.
The business has given its clients the assurance that their passwords are secure and will “remain securely encrypted thanks to LastPass’s Zero Knowledge architecture.”
According to GoTo’s announcement, the company’s development environment and a third-party cloud storage provider have been the target of strange activities. Both GoTo and its affiliated company, LastPass, make use of the same cloud storage solution provided by a third party.
Threat actors were able to acquire access to GoTo’s development environment as well as a third-party cloud storage provider, according to GoTo.
According to the organization, they initially became aware of the event when they saw suspicious behavior in both their development environment and a cloud storage service provided by a third party.
According to what is said in an email sent out by the CEO of GoTo, Paddy Srinivasan, “Upon learning of the issue, we promptly initiated an investigation, hired Mandiant, a prominent security company, and informed law authorities.”
“According to the findings of the inquiry to this point, we have found evidence of suspicious behavior inside both our development environment and a cloud storage service provided by a third party. At the moment, both GoTo and its affiliated company, LastPass, make use of the same cloud storage service provided by a third party.”
GoTo claims that their goods and services have not been impacted by the event and that they continue to operate normally.
On the other hand, they have said that after the incident, they implemented “increased security measures and monitoring capabilities.”
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.