Last year, the popular password manager LastPass was hit by a significant cyberattack in which critical customer data, including passwords, was stolen. Back in December, the company issued a statement acknowledging that such data had been stolen by attackers and advising users to change their passwords. According to LastPass, the breach was caused by credentials taken from a DevOps developer.
A concerted attack in August 2022 allowed hackers to access and steal data from Amazon AWS cloud servers, according to a blog post. More specifically, the server credentials were taken from a DevOps engineer with access to the company’s cloud storage. LastPass’s ability to detect suspicious behavior was hampered as a result.
Incidentally, the engineer’s computer was reportedly compromised through a flaw in the Plex media software. Plex stated 12 days after the LastPass incident that it had also been the victim of an attack that resulted in the theft of 15 million user passwords.
The attackers gained access to servers containing backups of the LastPass clients and encrypted vault data. Following the incident, LastPass took a number of actions to prevent future attacks and to examine what occurred. The developer was helped to secure their personal network, and new multi-factor authentication was applied to LastPass’s systems.