An unauthorized party gained the access to a cloud-based password security site, LastPass suffered a data security breach that resulted in the theft of certain source codes and technical information.
They targeted its development environment. No customer data or encrypted passwords were accessed.
Amidst investigated the incident and they engaged the services of a leading cybersecurity and forensics firm and they implemented additional countermeasures.
Source: https://thehackernews.com/2022/08/hackers-breach-lastpass-developer.html
TPRM report: https://scoringcyber.rankiteo.com/company/lastpass
"id": "las25527822",
"linkid": "lastpass",
"type": "Breach",
"date": "08/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Cybersecurity',
'name': 'LastPass',
'type': 'Company'}],
'attack_vector': 'Unknown',
'data_breach': {'data_exfiltration': True,
'type_of_data_compromised': ['Source Codes',
'Technical Information']},
'description': 'An unauthorized party gained access to a cloud-based password '
'security site, LastPass, resulting in the theft of certain '
'source codes and technical information.',
'impact': {'data_compromised': ['Source Codes', 'Technical Information'],
'systems_affected': ['Development Environment']},
'motivation': 'Unknown',
'response': {'remediation_measures': ['Implemented additional '
'countermeasures'],
'third_party_assistance': ['Leading Cybersecurity and Forensics '
'Firm']},
'threat_actor': 'Unauthorized Party',
'title': 'LastPass Data Breach',
'type': 'Data Breach'}