According to LastPass, hackers managed to access end-user names, company names, billing addresses, telephone numbers, email IDs, and IP addresses in the August 2022 data breach.
In August 2022, Hackread.com reported on a data breach involving the popular password management service LastPass in which the company claimed only its source code was stolen by hackers. The latest reports reveal that the breach’s scope was way more extensive than the company claimed earlier.
Do not confuse the new details with the data breaches that LastPass revealed in September of 2022, or the one in earlier December of this year.
On Thursday, LastPass released updated information about the breach, revealing that attackers managed to steal the personal data of a large number of its customers, including encrypted password vaults. Furthermore, the attackers used previously leaked data to access the vaults.
Hackers reportedly accessed the private data and metadata of its customers. The information obtained by attackers included end-user names, company names, billing addresses, telephone numbers, email IDs, and IP addresses the customers used for accessing LastPass‘s services.
Further, the attackers also copied the backup of customer vault data, including website URLs and other encrypted data fields, like website usernames, form-filled data, secure notes, and passwords. But unencrypted credit card data wasn’t breached.
These fields were secured with 256-bit AES encryption. Hence it could only be decrypted through a unique encryption key ob ..
Support the originator by clicking the read the rest link below.
