LastPass released an advisory today informing customers the company was hacked to weeks ago. The password management company stated they had been breached through a compromised developer account that hackers used to access the LastPass developer environment. The advisory claims there is no evidence that customer data or encrypted password vaults were compromised but portions of the company’s source code were stolen. Additionally, the company stated that customers master passwords were not compromised because they “utilize an industry standard Zero Knowledge architecture that ensures LastPass can never know or gain access to our customers’ Master Password.” LastPass has not provided further details regarding the attack, how the threat actors compromised the developer account, and what source code was stolen.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.