LastPass, a freemium password manager, confirmed that they detected unusual activity on their service this August. Lastpass Password Manager Hacked & Confirmed By LastPass.
LastPass Hack News Confirmation
LastPass Password Manager CEO Karim Touba issued the notice via a blog post on LastPass’ official community website. According to the notice, an unauthorized party gained access to parts of LastPass’s development environment through a compromised developer account.
What Hacker Stole
In addition, the blog post stated that the attacker stole parts of the source code and some of the company’s proprietary technical information, adding that user data and encrypted passwords were not breached.
Actions From LastPass Security
The company claims it has implemented containment and mitigation measures and has outsourced to a prominent cyber security and forensics firm, while its security investigation is still ongoing.
Meanwhile, its products and services are fully functional, and it has adopted strong security measures and is evaluating other mitigations to strengthen its cybersecurity environment.
Passwords Hacked Or Not
Finally, LastPass informed its users that no master passwords had been compromised, and claimed that it never stores or knows its users’ master passwords. Stating here that the company uses an industry-standard zero-knowledge design to ensure that lastpass password manager never knows or has access to its clients’ master passwords.