AppleInsider may earn an affiliate commission for purchases made through links on our site.
The developers of the LastPass security app and service say it is investigating a new security incident leading to user data theft just three months after the last one.
LastPass is one of the most talked about apps and services to keep users’ passwords secure. The company has openly disclosed a new security investigation that emerged from that in August 2022.
“We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its subsidiary, GoTo,” LastPass CEO Karim Toubba wrote in a statement. blog post. “We immediately launched an investigation, called in Mandiant, a leading security company, and alerted the police.”
“We have determined that an unauthorized party, using information obtained in the August 2022 incident, gained access to certain elements of our customers’ information,” Toubba continued. “Our customers’ passwords remain securely encrypted thanks to LastPass’ Zero Knowledge architecture.”
“We are working hard to understand the scope of the incident and determine what specific information was accessed,” says Toubba.
The company advises users to keep their LastPass apps up to date. It also provides general best exercise guidelines online.
This incident comes a year after LastPass members reported that their master passwords appeared to have been hacked. At the time, LastPass told AppleInsider that there had been no security compromise and that it believed hackers were using passwords obtained from “third party breaches involving other unaffiliated services”.