Home Links LastPass says employee’s home computer was hacked and corporate vault taken | Ars Technica

LastPass says employee’s home computer was hacked and corporate vault taken | Ars Technica

, , , ,
LastPass says employee’s home computer was hacked and corporate vault taken by Dan Goodin (Ars Technica)

Already smarting from a breach that stole customer vaults, LastPass has more bad news.

Already smarting from a breach that put partially encrypted login data into a threat actor’s hands, LastPass on Monday said that the same attacker hacked an employee’s home computer and obtained a decrypted vault available to only a handful of company developers.Although an initial intrusion into LastPass ended on August 12, officials with the leading password manager said the threat actor “was actively engaged in a new series of reconnaissance, enumeration, and exfiltration activity” from August 12 to August 26. In the process, the unknown threat actor was able to steal valid credentials from a senior DevOps engineer and access the contents of a LastPass data vault. Among other things, the vault gave access to a shared cloud-storage environment that contained the encryption keys for customer vault backups stored in Amazon S3 buckets.

Source: LastPass says employee’s home computer was hacked and corporate vault taken | Ars Technica

Post Views: 56

IronWynch

My pronouns are whatever you're comfortable with as long as you speak to me with respect. I'm an Afruikan and Iswa refugee living in Canaan. That's African American expat in Israel in Normalian. I build websites, make art, and assist people in exercising their spirituality. I'm also the king of an ile, Baalat Teva, a group of African spirituality adherents here. Feel free to contact me if you are in need of my services or just want to chat.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  • You’ve read the article, now get the t-shirt! :-D