According to recent reports, LastPass, a password manager, said to be used by more than 33 million people all across the globe, said that a hacker recently managed to steal source code and proprietary information after simply breaking into its systems.
However, the company does not really believe any passwords were taken as part of the breach and also mentioned that users shouldn’t have to take any action in order to secure their accounts. In addition to this, as per the investigation which was done, it determined that an unauthorized party managed to crack into its developer environment, which is the software that employees use to build as well as maintain LastPass’s product.
Also, the perpetrators were only able to gain access with the help of a single compromised developer’s account, the company mentioned in a report. Know that, the attack actually struck a company that itself is known to generate as well as store hard-to-crack, auto-generated passwords for several accounts like Gmail or even Netflix, on behalf of its users of course, without the so-called need to manually enter credentials.
As per the company’s website, LastPass lists Yelp.Inc, Patagonia as well as State Farm as customers on its website. Moreover, a cybersecurity website Bleeping Computer reported that it had asked LastPass about the break two weeks ago but hasn’t gotten a concrete reply. Not to mention, Allan Liska, an analyst on the Computer Security Incident Response Team at cybersecurity company Recorded Future, said he was impressed with the “speedy notification” from LastPass.
“While two weeks might seem like a long time to some, it can take a while for incident response teams to fully assess and report on a situation,” he said. “it will take time to fully determine the extent of any damage that may have been as a result of the breach. However, for now, it appears not to be client-impacting.”
Furthermore, LastPass did not immediately respond to a request for any further comment. With respect to speculation on social media that hackers may be able to access the keys to passwords after stealing source code and proprietary information.
“It is unlikely that the stolen source code will give the criminals access to customer passwords,” Liska said.
Reading so far, I hope you must have gotten a fair insight into LastPass being attacked by hackers, and by now I believe you will be able to decide on your own whether or not you think it was the right thing to do and whether or not you think will be their next move.
In conclusion, what are your thoughts on LastPass being attacked by hackers? Do let us know in the comments area below. To know more about such reports, do check out other articles we have on our website. Thank you for your time & if you found our content informative, do share it with your investor friends!