 "Password manager LastPass hacked again, second time this year: CEO")
Karim Toubba, the CEO of popular encrypted password manager LastPass, has admitted the company is investigating a security incident after its systems were compromised for the second time this year.
The company detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo.
"We immediately launched an investigation, engaged Mandiant, a leading security firm, and alerted law enforcement," Toubba said in a statement late on Wednesday.
The earlier security breach in August this year had allowed hackers internal access to the company's systems for four days until they were detected and evicted.
Toubba said that an unauthorised party, using information obtained in the August 2022 incident, was again able to gain access to certain elements of "our customers' information".
"Our customers' passwords remain safely encrypted due to LastPass's Zero Knowledge architecture," said the CEO.
"We are working diligently to understand the scope of the incident and identify what specific information has been accessed. In the meantime, we can confirm that LastPass products and services remain fully functional," he informed.
LastPass is a freemium password manager that stores encrypted passwords online.
The company does not have any access to the master passwords of its customers' vaults.
"Without the master password, it is not possible for anyone other than the owner of a vault to decrypt vault data as part of our Zero Knowledge security model," according to the CEO.
He said that the company continues to deploy enhanced security measures and monitoring capabilities across its infrastructure to help detect and prevent further threat actor activity.
--IANS
na/ksk/
(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)
You’ve reached your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →
Smart Quarterly
₹900
3 Months
₹300/Month
Smart Essential
₹2,700
1 Year
₹225/Month
Super Saver
₹3,900
2 Years
₹162/Month
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app