LastPass confirms security incident


Reading time: minutes ( words)
Source code copied from the provider of the password manager LastPass.

Parts of source code copied at password manager provider LastPass

Password manager provider LastPass has become the victim of a data theft. The company has confirmed the security incident.

On 25/08/2022, LastPass stated in a blog post that unusual activity had been detected in parts of the LastPass development environment dating back two weeks. Unknown persons had gained access via a hacked developer account and stolen parts of the source code, as well as technical information. However, products and services were functioning normally, and the software had not been restricted at any time. Master passwords or personal customer data in safes were reportedly not stolen. It is unclear how the account access took place in detail. There are currently no indications that the attackers are still in the system. The internal investigation of the development environment and the programme are still ongoing, the company said.

Recommendation for LastPass users

According to LastPass, the master password does not need to be changed. But even though the provider has given the all-clear, users should be particularly careful at the moment. It cannot be ruled out that more data may have been leaked. Users are advised to keep a close eye on the sites and services managed with LastPass for anything unusual.

Need help upgrading your IT security for 2022? Contact us!

By clicking on the "Submit" button, you confirm that you have read our privacy policy. You give your consent to the use of your personal data for the purpose of contacting you by Allgeier secion, Zweigniederlassung der Allgeier CyRis GmbH.

* Mandatory field

Go back