LastPass, a popular password manager platform, has confirmed that its developer environment was hacked around two weeks back. The hack resulted in the theft of source code and proprietary information.
The company revealed that the hacker compromised a single developer account to access the developer environment.
LastPass hacked
According to a blog post published by LastPass on Thursday, it does not believe that any of the encrypted passwords of its users were not compromised as a result of the breach. Hence, users do not need to take any action to secure their accounts.
LastPass did not provide detailed information about the attack. Hence, it is unclear how the hackers were able to compromise the company’s developer account and what source code was stolen.
In response to the cyberattack, the company deployed and mitigated measures. It also involved well-known cybersecurity and forensics firm.
Company releases official statement
LastPass CEO Karim Toubba said in a statement that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information. He added, "Our products and services are operating normally."
What is LastPass?
LastPass is a password management platform, to safely store all of your online login credentials (usernames and passwords) in one central location.
It can create unique, difficult-to-crack passwords for each site account and keep them safe in your vault, saving you from having to memorise a large number of long, complex strings.
The securely stored login credentials can only be accessed and used with a master passphrase. Hence, users only need to create and remember the master passphrase. The company has over 33 million users across the world.
Apart from LastPass, Apple’s iCloud Keychain and Google Password Manager are the other alternative password management system.
