26 Aug. (Portaltic/EP) –
LastPass, the popular ‘online’ password manager, has confirmed a security incident by which a third party has accessed the development environment, without affecting the data or credentials saved by users.
LastPass CEO Karim Toubba explained that two weeks ago they detected “unusual activity in parts of the development environment of LastPass”, as stated in the official blog.
The investigation that followed this event determined the existence of a compromised user account that facilitated access and obtaining “portions of the source code and certain proprietary technical information of LastPass“.
Toubba assures that there is no evidence that this incident has affected the data of the users of the application or the encrypted password vault. “Our zero knowledge model guarantees that only the client has access to decrypt the data in the vault“, details.
Add Comment