LastPass Says Hackers Accessed Its Systems for Just 4 Days
Softpedia News / Global
from
LastPass has provided more information on the security incident that was discovered earlier this year, and in an update published this week, the company says that it was managed to confirm that hackers accessed its systems for just 4 days.
The whole thing happened in August 2022, LastPass says, and once again, it hasn’t found any evidence that the malicious actors accessed any customer data or encrypted password vaults.
By the looks of things, the breach was possible after the hackers managed to compromise the system of a developer.
“Our investigation determined that the threat actor gained access to the Development environment using a developer’s compromised endpoint. While the method used for the initial endpoint compromise is inconclusive, the threat actor utilized their persistent access to impersonate the developer once the developer had successfully authenticated using multi-factor authentication,” LastPass read more) https://ift.tt/Bm6s9CT
via IFTTT
from
LastPass has provided more information on the security incident that was discovered earlier this year, and in an update published this week, the company says that it was managed to confirm that hackers accessed its systems for just 4 days.The whole thing happened in August 2022, LastPass says, and once again, it hasn’t found any evidence that the malicious actors accessed any customer data or encrypted password vaults.
By the looks of things, the breach was possible after the hackers managed to compromise the system of a developer.
“Our investigation determined that the threat actor gained access to the Development environment using a developer’s compromised endpoint. While the method used for the initial endpoint compromise is inconclusive, the threat actor utilized their persistent access to impersonate the developer once the developer had successfully authenticated using multi-factor authentication,” LastPass read more) https://ift.tt/Bm6s9CT
via IFTTT
No comments