Using a password manager is a good way to keep your personal accounts and information safe on the vast, wild Internet. But password managers are not bulletproof either. Case in point: LastPass, one of the most used password managers, is sending out users warning users that it suffered a breach.
As detailed by LastPass, an unauthorized third party gained access to the developer environment through a compromised developer account. While some proprietary source code and other proprietary info was stolen, LastPass has clarified that no sensitive user info, such as master passwords, encrypted account passwords, or account information, was taken by the attacker.
An investigation is underway to determine the size and scope of the breach, but in the meantime, Karim Toubba, LastPass’ CEO, is reassuring users that the breach didn’t affect any sensitive info or passwords. Likewise, he’s not recommending users take any action on their accounts for now.
LastPass said in a blog post, “in response to the incident, we have deployed containment and mitigation measures, and engaged a leading cybersecurity and forensics firm. While our investigation is ongoing, we have achieved a state of containment, implemented additional enhanced security measures, and see no further evidence of unauthorized activity.”
It seems like everything and everyone is being breached these days. Plex also recently suffered a breach that saw the account data of many users compromised. And while all breaches are bad, for this specific one, your passwords aren’t in danger as of now.
Source: LastPass