Published 1 December 2022 at 13.56
Foreign. The popular password service LastPass, which allows users to collect all their passwords in one “safe” place, has been the victim of a data breach.
Like the article på Facebook
According to a press release from the company, it has chosen to store the users' passwords on a “cloud service” – unclear which one – where they turned out to have ended up in the wrong hands.
“We have established that a third person, who used data leaked in August 2022, has gained access to certain parts of our users' information,” the company writes.
In August, someone managed to get into the company's development environment by getting into in a developer's personal computer. At the time, the company claimed that the breach had been “limited” and that the production environment – where the users' data is located – was separated and completely protected from intrusions into the development environment.
However, this was not the case. According to the company, however, users' passwords are still “securely encrypted”. What information is stored in plain text, and thus risks being accessed by unauthorized persons, the company does not print out in plain text in its press release.