Skip to main content

Hackers stole LastPass source code in data breach incident

Today, LastPass confirmed a data breach in a blog post describing the incident to its customers that rely on the company’s products for online security. The company emphasized that customer data was not stolen in the breach, however, and that users do not have to do anything to secure their data.

In a post written by CEO Karim Toubba, LastPass stated the following:

“Two weeks ago, we detected some unusual activity within portions of the LastPass development environment. After initiating an immediate investigation, we have seen no evidence that this incident involved any access to customer data or encrypted password vaults.”

The breach occurred through a compromised developer’s account, and the unauthorized party made off with portions of the company’s source code and proprietary LastPass technical information.

We recently detected unusual activity within portions of the LastPass development environment and have initiated an investigation and deployed containment measures. We have no evidence that this involved any access to customer data. More info: https://t.co/cV8atRsv6d pic.twitter.com/HtPLvK0uEC

— LastPass (@LastPass) August 25, 2022

Toubba emphasized that user information was safe and that the unauthorized party did not compromise any passwords or access user vaults.

While it’s comforting to know that no data was stolen at this time, the stolen source code and proprietary information could be a significant issue and contribute to later breach attempts. LastPass seems to be aware of this possibility, as Toubba adds later that the company has hired a “leading cybersecurity and forensics firm.”

This is the second data issue LastPass has experienced in the last year. In December, some LastPass users were subjected to a “credential stuffing attack” by hackers attempting to access personal vaults. According to the company, no one’s accounts were compromised in the attack.

LastPass says it will update customers as the company learns more about what happened.

The breach a few weeks ago occurred in the development environment, so no consumer’s passwords were at risk. User passwords are hidden in encrypted vaults that can only be accessed by the user’s master password. LastPass is largely considered one of the best password managers around.

Editors' Recommendations

Caleb Clark
Caleb Clark is a full-time writer that primarily covers consumer tech and gaming. He also writes frequently on Medium about…
Leaving LastPass? Here’s how to take all your passwords with you
LastPass

If you, like many of us, have been happily using LastPass's excellent free tier for the last few years, you're probably dismayed that LastPass is moving to change the way its free access works. From March 16, you'll only be able to sync your LastPass database between mobile devices or computers -- but not both. So if you want to keep accessing the same passwords on your phone and laptop, you'll have to pay up and join LastPass's premium subscription for $3 a month.

Of course, not everyone is wild to pay a subscription fee -- or has the free cash to do so. If that's you, you're probably looking for a password manager to replace LastPass. But you won't want to leave all your collected passwords and logins behind. Thankfully, you can quickly and easily export your LastPass passwords and login information and import them into your new password manager of choice. So go check out our list of the best password managers, then dive into our guide on how to leave LastPass and take your passwords with you.
Export your LastPass database
Now that you know you're moving from LastPass, the first step is to make sure you take everything with you. Thankfully, exporting your database from LastPass is simple. Unfortunately, there's no way to export your passwords from the mobile app, so you'll have to use a PC or Mac to complete this action.

Read more
Best HP laptop deals: Get a 14-inch Windows laptop for $170
An open HP Spectre x360 16 sits on a table, angled so that the screen and keyboard can be seen.

HP is one of the best laptop brands out there, and they're not afraid to slash their prices. Whether you're looking for cheap Chromebook deals or powerful gaming laptop deals, HP has something to offer. Below we've collected the best laptop deals on HP computers from around the internet. Models include the Pavilion, Victus, 17z and the mighty Omen.

HP 14-inch Laptop -- $170, was $200

Read more
Apple’s cheaper Vision Pro headset may have been scrapped, report claims
Apple Vision Pro being worn by a person while using a keyboard.

Apple’s Vision Pro headset is still months away from launching, but one well-known analyst has already painted a bleak picture for the device. According to the assessment, Apple might have canceled a low-cost version of the Vision Pro, leaving potential customers in the lurch.

The news was published in a report from Apple analyst Ming-Chi Kuo, who is thought to have well-placed sources in Apple’s supply chain. Previous leaks have suggested that Apple is working on a cheaper edition of the Vision Pro -- due to launch in 2025 -- to help users who can’t afford the base model’s $3,499 price tag, but Kuo thinks those plans might have been scrapped entirely.

Read more