LastPass hack was carried out by compromising a high-ranking employee

The attackers who stole data from LastPass also stole cloud backups in the process. This happened in a second attack that occurred shortly after the first, in which a senior programmer at the company was attacked.

LastPass reports this in a new support document. This is a second incident that occurred last year, shortly after LastPass reported a hack in August. At the time, the company reported that it had been hacked but that only source code and technical information had been taken; weeks later, LastPass was forced to admit that encrypted passwords had also been stolen. Now the company says that cloud backups have also been accessed, through an employee.

After the first attack, the attacker allegedly used information captured during the first hack. It is not known what information that was, but between August 12 and October 26 the attacker is said to have explored the systems and exfiltrated internal data. Although LastPass logged the activity, the attacker went unnoticed.

The attacker allegedly stole login credentials from the home computer of a senior DevOps programmer. An interesting detail is that the attacker managed to gain entry by downloading the master password of the DevOps programmer, but he then also approved the multi-factor authentication request. That programmer was one of four people within LastPass who had access to a LastPass vault containing AWS Access Keys. This allowed backups of customer data and vaults that were stored in AWS S3 buckets to be stolen.

The backups on AWS contained a lot of information; LastPass has posted another document online containing a list of stolen data. This includes MFA seeds and identifying information, but the company also writes that five blobs were downloaded from backups of customers who had an account between August 20 and September 8. These blobs also contained encrypted fields for passwords and unencrypted fields for URL names, for example. Another striking detail, discovered by BleepingComputer, is that LastPass has hidden the new blog posts from search engines with a meta tag.

LastPass says it has taken several actions. For example, the company has added extra security to MFA apps, and the credentials of internal employees have been reset. The AWS environment has also been analyzed and new security measures have been added.