LastPass’ latest data breach exposed some customer information

LastPass has skilled one other knowledge breach, however this time, it uncovered person knowledge. In response to a publish from LastPass CEO Karim Toubba, hackers accessed a third-party cloud storage service utilized by the password supervisor and have been capable of “acquire entry to sure components” of “clients’ info.”

It’s nonetheless not clear what info hackers received entry to or what number of clients have been affected, however Toubba says that customers’ passwords weren’t compromised.

“Our clients’ passwords stay safely encrypted resulting from LastPass’s Zero Data structure,” Toubba writes, citing the corporate’s coverage which means solely the person is aware of their grasp password, with encryption that happens solely on the gadget degree and never server-side.

“We’re working diligently to grasp the scope of the incident and establish what particular info has been accessed,” Toubba says, including that the service stays “totally purposeful” regardless of the breach. The corporate has launched an investigation into what went unsuitable and stated it has additionally notified regulation enforcement.