LastPass Development Systems Under Hacker Control For Four Days
Reading Time: 2 minutes

LastPass development systems were under hackers control for four days. LastPass is a password management solution, during the security incident last month threat actors managed to access details in August 2022.

According to Karim Toubba, LastPass CEO, they had no evidence of any hacking activity beyond the established timeline. In his September 15 update he said there was no evidence of any access to customer data or encrypted password vaults. 

LastPass had a breach in which the hacker stole the company’s source code and other technical information; no passwords were stolen, though in August. 

Further investigations with the support of the Mandiant cyber security team revealed it was a developer’s computer that was hacked.  The exact method used by the threat actors is unclear though the company said they continued to access the system, even after the victim had been authenticated using multi-factor authentication.

Although there was unauthorized access to the system, no customer data was accessed. This is due to the system design and zero-trust controls that were put in place to prevent such incidents.

LastPass uses a complete separation of development and production environments to guarantee security. They also cannot access any information in the customers’ password vaults, even if they try to take over with the master password set by the users.

The company reassured its customers saying their product is impenetrable because they do not store their customer’s master password.

The developers behind LastPass do not have the appropriate permissions to push the code directly to production, and it conducts checks for any signs of poisoning.

The company has also made efforts to improve the protection of their servers by getting in touch with “leading” cybersecurity firm to enhance its source code safety practices.

Related Articles:
Reflections in Eyeglasses Can Leak Info from Zoom calls
SparklingGoblin APT Hackers Use New Linux Variant of SideWalk Backdoor
WordPress Powered Sites Backdoored after FishPig Supply Chain Attack