You are currently viewing LastPass Confirms Hacker Couldn’t View Customer Data

LastPass Confirms Hacker Couldn’t View Customer Data

The LastPass password manager gives more details about the hack, which it suffered last August. The author had access to the company’s internal ‘kitchen’ for four days, but not to customer data.

‘There was not the slightest evidence of dangerous activity after this period. We can also confirm that during this incident, the hacker did not access customer data or password safes.

LastPass has in recent weeks reviewed its processes and the break-in committed jointly with, among others, the security company Mandiant. In a new statement posted on its blog, LastPass explains that the hacking author gained access to the development environment and, in doing so, was able to get a two-factor verification approved.

The company doesn’t provide much other information, except that the break-in was made possible via a compromised device (likely a laptop or phone). She insists that the development environment was separated both physically and digitally from the production environment, and that the former contained no real customer data.

‘There was not the slightest evidence of dangerous activity after this period. We can also confirm that during this incident, the hacker did not access customer data or password vaults,” the company said. its processes and the joint break-in with, among others, the security company Mandiant. In a new statement posted on its blog, LastPass explains that the hacking author gained access to the development environment and, in doing so, was able to get two-factor verification approved. other information, except that the break-in was made possible via a compromised terminal (probably a laptop or a telephone). She insists that the development environment was separated both physically and digitally from the production environment, and that the former contained no real customer data.