We select and review products independently. When you purchase through our links we may earn a commission. Learn more.

LastPass Security Breach Worse Than Initially Reported

A photo of LastPass running on a smartphone.

Back in August, password management company LastPass announced that it was the victim of a security breach where hackers got away with source code and other technical information. At the time, the company assured the public that no customer data had been compromised. Now, it’s changing its story.

In a blog post dated November 30th, LastPass CEO Karim Toubba informed customers that “an unauthorized party … was able to gain access to certain elements of our customer’s information.” The CEO didn’t specify what type of information was compromised in the blog post. However, he assured customers that their passwords were safe as the company’s Zero Knowledge architecture protects them.

The Zero Knowledge technology employed by LastPass means that no plain-text passwords are stored on company servers and that only customers can access their unencrypted passwords.

Toubba explained that while customer data was not accessed during the August attack, information that the hackers obtained was subsequently used to get customer info. The CEO went on to assure his client base that the company is working hard to understand the full scope of the breach and is deploying enhanced security measures and closely monitoring for any further attacks.

The admission is surely an embarrassment for LastPass, but it’s not the first time in recent memory the company has suffered a massive security breach. Less than a year ago, the company suffered a brute-force attack from hackers, causing a slew of unauthorized login attempt notifications to go out to many of its customers.

Source: LastPass

Danny Chadwick Danny Chadwick
Danny has been a technology journalist since 2008. He served as senior writer, as well as multimedia and home improvement editor at Top Ten Reviews until 2019. Since then, he has been a freelance contributor to Lifewire and ghostwriter for Fit Small Business. His work has also appeared on Laptop Mag, Tom’s Guide, and business.com. Read Full Bio »