The hacker used the information it acquired from the first attack to coordinate another one. LastPass suffered a cyber attack last year that resulted in a breach, allowing the threat actor to get a hold of sensitive customer data including passwords.
LastPass said an engineer's home computer was targeted in a security incident in August to obtain credentials to access its corporate vault and exfiltrate data from cloud-storage resources.
Password management provider LastPass has admitted that part of last August’s breach of security controls included hackers compromising the home computer of one of the company’s DevOps engineers to help in data theft. LastPass, which is owned by GoTo, had previously detailed the attack, which saw a threat actor exfiltrating encrypted backups involving its Central,
Password management provider LastPass has admitted that part of last August's breach of security controls included hackers compromising the home computer of one of the company's DevOps engineers to help in data theft. LastPass, which is owned by GoTo, had previously detailed the attack, which saw a threat actor exfiltrating encrypted backups involving its Central,