Top password manager LastPass was hacked, datas safe: CEO
“We have determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information,” Karim Toubba, the CEO of the company, wrote in a letter to customers.
- Tech
- A News
- Published Date: 12:24 | 27 August 2022
- Modified Date: 12:39 | 27 August 2022
CEO of the world's one of the most-used password manager companies, LastPass, said on Thursday that it was hacked recently.
The company, however, said it does not see any evidence of any data or passwords being exposed.
"We have determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information," Karim Toubba, the CEO of the company, wrote in a letter to customers.
Toubba also said that the company noticed the hack two weeks ago, after it observed unusual activity.
The company said that the software of LastPass is designed in a way that it cannot know or reach the master passwords of the customers.
"Our investigation has shown no evidence of any unauthorized access to encrypted vault data," the company wrote on its "Frequently Asked Questions" page.
"Our zero-knowledge model ensures that only the customer has access to decrypt vault data."
LastPass said that its products operate normally at the moment and the company is cooperating with a cybersecurity and forensics firm after the incident.
"Based on what we have learned and implemented, we are evaluating further mitigation techniques to strengthen our environment," Toubba told customers.
LastPass is a software that allows people to keep their different passwords for different websites safe in a "vault", which can be unlocked through a master password.
It also can provide users with auto-generated, hard-to-guess passwords.