However, it turned out that the unauthorized party was indeed ultimately able to access customer data. Toubba assured customers at the time that their passwords and personal data were safe in LastPass's care. We can also confirm that there is no evidence that this incident involved any access to customer data or encrypted password vaults." "There is no evidence of any threat actor activity beyond the established timeline. During this timeframe, the LastPass security team detected the threat actor's activity and then contained the incident," Toubba said. "Our investigation revealed that the threat actor's activity was limited to a four-day period in August 2022. 15, Toubba updated the blog post to notify customers that the company's investigation into the incident had concluded. In August 2022, LastPass published a blog post written by Toubba saying that the company "determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information."Īt the time, Toubba said that the threat was contained after LastPass "engaged a leading cybersecurity and forensics firm" and implemented "enhanced security measures." But that blog post would be updated several times over the following months as the scope of the breach gradually widened. It even offers a Windows client, too, with support for Chrome and Edge browsers. iCloud Keychain is secure and easy to set up and use across all of your Apple devices.
0 Comments
Leave a Reply. |