LastPass is a popular password manager tool that allows its users to store, edit and sync their passwords across all devices that they use. It has many useful features including both free and paid options, making the platform popular across the globe. User data is stored in a ‘vault’ which is essentially a personal encrypted database for each user.
News of a successful attack against the company came in December 2022, when data from the source code was reported as leaked in August 2022. This attacker managed to successfully steal both unencrypted data (this was data such as website URLs) and encrypted data (such as usernames, passwords, secure notes and form-filled data).
However, the encrypted data could not be read by the attacker as they did not have access to the decryption key.
Encryption is the process of scrambling data so that it is unreadable if it is intercepted or stolen. The sender of the data will encrypt it against a key. The recipient must have this key to be able to decrypt and read the data.
However, within the last week, further news has come about the attack at LastPass.
The attack has now been confirmed to have leaked user data, including user ‘vault’ data, which in certain circumstances could lead to total account compromise.
It is believed that the attack came from a senior employee having work data on their personal computer, which did not have sufficient protection or software updates installed. A simple keylogger software was installed on the engineer’s computer, which captured all data inputted to the machine, including their master password for LastPass. With this, they were able to gain access to the vault and file the necessary decryption information to gain access to the LastPass shared cloud environment and extract lots of important information.
In an update from LastPass, all customers are advised to reset both their Master Password and any passwords stored in their account.
If you have any questions or would like to discuss this with one of our experts, please click here.