LastPass Witnessed Another Security Breach

Although it might not be the safest from a cybersecurity standpoint, many people use the same password for all of their accounts to make things more convenient. Password managers like LastPass cater to this demand. Unfortunately, this also makes these types of services common targets for cyberattacks, something LastPass understands all too well. After detecting more attacks recently, LastPass is now warning users about the latest system breach that allowed access to user data.

LastPass was the target of two cyberattacks, one in 2021 and another in August of this year. The company’s source code was stolen during the second attack. CEO Karim Toubba goes on to say that hackers took advantage of the August attack to access “certain elements of customers’ information.” However, we do not have many details about the type of information taken. The cybercriminals obtained access to LastPass’s cloud storage service that it shares with its partner, GoTo. The company is working with law enforcement agencies and security firm Mandiant to investigate the incident.

Though LastPass has been hacked, Toubba reassured its customers that their stored passwords are still inaccessible to hackers. The company uses a zero-knowledge architecture, which means that LastPass doesn’t store your master password or the credentials in your locked vault. And LastPass is still working correctly.

There have been two severe security breaches that LastPass has detected recently, and we appreciate their honesty in disclosing this information to the public. Though this hardly paints the company in a good light, it’s understandable why customers might be worried. Suppose you still feel inclined to use this password manager (or any other app similar to this). In that case, we recommend changing your passwords on a regular basis to protect your data from potential breaches. Furthermore, try not to use the same password for every website.

No matter which app or service you use for your passwords, it’s important to remember that no security measure is foolproof. Hence, LastPass created a guide of optimal practices you could look over to stay secure.