![]() ![]() ![]() The hackers then launched a phishing campaign against an employee, obtaining credentials and keys, which they used to access and decrypt storage volumes within the cloud-based storage service. A highly restricted set of shared folders in a LastPass password manager vault used by just four DevOps engineers for administrative duties.Closely guarded on-premises data centers.LastPass said customer data was safe, as the decryption keys can only be retrieved from the following: The hacker stole encrypted LastPass credentials, source code and proprietary LastPass technical information. In August, LastPass announced that a threat actor gained unauthorized access through a single compromised developer account. In a post titled “Incident 2 – Additional details of the attack,” LastPass announced that the second attack was more damaging than initially thought. If you’re a customer, you will want to read this. At the time, the company claimed that no user data was compromised.Īn update in December revealed the hackers then launched a phishing campaign against a LastPass employee, obtaining credentials and keys they used to decrypt some basic customer data, but passwords or usernames remained safe.Īre you still reeling from those past attacks? LastPass just shared some more bad news. One of the big names in password managers, LastPass, was breached last August.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |