Hackers stole customers’ password vaults: LastPass

December 23, 2022

, By Sarika Parmar

Share via:

The world’s largest password manager, LastPass, has confirmed that in a data breach earlier this year, cybercriminals stole its customers’ encrypted password vaults, which store their passwords and other secrets.

The intruders used cloud storage keys stolen from a LastPass employee to access a backup of customer vault data, according to LastPass CEO Karim Toubba in an updated blog post on the company’s disclosure. The technical and security specifics of this proprietary format were not provided, but it is believed that the cache of customer password vaults is kept in a “proprietary binary format” and contains both encrypted and unencrypted vault data. Web addresses that are stored in a vault are among the unencrypted data, but LastPass does not specify further information or context. It’s unclear how recent the backups that were stolen are.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Previous News

SaaS startup Codebuddy raised undisclosed strategic investment from INT

Next News

Online retailer Flipkart no longer holds a stake in the payments company PhonePe

Popular

More Like this

Hackers stole customers’ password vaults: LastPass

December 23, 2022

, By Sarika Parmar

The world’s largest password manager, LastPass, has confirmed that in a data breach earlier this year, cybercriminals stole its customers’ encrypted password vaults, which store their passwords and other secrets.

The intruders used cloud storage keys stolen from a LastPass employee to access a backup of customer vault data, according to LastPass CEO Karim Toubba in an updated blog post on the company’s disclosure. The technical and security specifics of this proprietary format were not provided, but it is believed that the cache of customer password vaults is kept in a “proprietary binary format” and contains both encrypted and unencrypted vault data. Web addresses that are stored in a vault are among the unencrypted data, but LastPass does not specify further information or context. It’s unclear how recent the backups that were stolen are.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

Previous News

SaaS startup Codebuddy raised undisclosed strategic investment from INT

Next News

Online retailer Flipkart no longer holds a stake in the payments company PhonePe

More like this

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!