Jump to content
  • LastPass Breached Once Again, Hackers Gain Access to Sensitive Customer Data

    Matt

    • 1 comment
    • 189 views
    • 2 minutes
     Share


    • 1 comment
    • 189 views
    • 2 minutes

    Though the breached occurred at a third-party service provider, hackers used that access to steal LastPass customers' contact info and physical addresses.

     
    (Credit: Mateusz Slodkowski/SOPA Images/LightRocket via Getty Images)

     

    Password management app LastPass has confirmed that sensitive customer data was stolen in a new security incident.

     

    Exposed data includes customers' names, phone numbers, physical addresses, and email addresses. According to LastPass, the breach originated at Klue, a third-party market intelligence service it has integrated with its own systems. Hackers obtained LastPass OAuth tokens held by Klue and used them to access customer data.

     

    The password manager says it became aware of the incident on June 12 and has since blocked the unauthorized access. “LastPass products, services, and infrastructure were not impacted in any way, and customer vaults remain secure,” it adds.

     

    The latest lapse isn’t as severe as the company’s 2022 breach, in which a hacker obtained copies of customers’ encrypted passwords. LastPass agreed to settle a lawsuit related to that incident by paying $24.5 million to affected customers earlier this year, and anyone who used the app before November 2022 is eligible to file a claim before July 2, 2026.

     

    Following its latest leak, LastPass has asked customers to remain vigilant for possible phishing attempts. "Always exercise caution regarding unsolicited communications, including emails, phone calls, or requests for sensitive information," it says. "Please remember that no one at LastPass will ever ask for your master password."

     

    Source


    User Feedback

    Recommended Comments

    • Administrator
    • Featured Comment

    We’ve been encouraging our community visitors and members to seek alternatives. This isn’t the last breach, as it’s been happening repeatedly.

     

    Read carefully please

     

     

    • Like 1
    • Thanks 2
    Link to comment
    Share on other sites




    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...