MADRID, Dec. 1 (Portaltic/EP) –
LastPass has reported a new security incident in a third-party cloud storage service that is used by both this password management platform and its partner GoTo, linked to this summer’s security breach.
The company has launched an investigation together with security firm Mandiant after detect unusual activity by a third party, who would have taken advantage of the information stolen in the breach confirmed this summer.
This actor gained access to a external cloud storage service shared by LastPass and GoTo. In it, he was able to reach elements of customer informationalthough LastPass ensures that the access credentials have been kept safe, as stated in a press release.
The investigation initiated seeks to determine the specific information that has been accessed, but neither this nor the incident has affected the normal operation of the password management service.
This incident follows a data breach that LastPass acknowledged in August, whereby a third party was able to gain access to the development environment, and obtain “portions of the source code and certain proprietary technical information of LastPass”, without affecting the data or credentials saved by users.
