LastPass reported that a hacker stole some of their source code, and the company stated that customer data was not accessed, they did not recommend that you change your password, etc.
They also stated that there was no access to the encrypted password vaults, a hacker apparently gained access to their development environments, more details below.
Two weeks ago, we discovered unusual activity in some parts of the LastPass development environment. Upon initiating an immediate investigation, we found no evidence that this incident involved any access to customer data or encrypted password vaults.
We have determined that an unauthorized party gained access to parts of the LastPass development environment through a single compromised developer account and stole parts of the source code and some proprietary LastPass technical information. Our products and services are operating as normal.
In response to the incident, we implemented containment and mitigation measures and engaged a leading cybersecurity and forensics firm. While our investigation is ongoing, we have reached containment, implemented additional enhanced security measures, and see no further evidence of unauthorized activity.
You can find out more about what happened to their source code on the LastPass website at the link below.
Source Press Release
Categories: Technology News