The LastPass hack was limited to the development environment without affecting user data

MADRID, Sep. 19 (Portaltic/EP) –

LastPass has shared the conclusions of the investigation that it initiated by the hack that affected their systems in Augustand reiterated that it has not affected the data of the users of the application or the encrypted password vault, since it was limited to the development environment.

The company’s systems detected the access of a malicious actor in August, whose activity is limited to a period of four daysas the company has shared in an update on the investigation launched in August.

In those four days, the malicious actor was able to access to the development environment through a committed team, which is a distinct and separate environment from Production and does not contain the encrypted user data and password vault.

LastPass notes that the method by which this actor gained access to the development environment is “inconclusive” but that they do know that he used “his persistent access to impersonate the developer once the developer had successfully authenticated using multi-factor authentication.” .

The company has reassured users of its password management service, ensuring that neither do they themselves have access to the master passwords of the vaults. They have also implemented additional security controls.

Related articles

Yolanda Díaz is committed to bringing forward the closure of restaurants and sees it...

Frame the debate on the need to reduce the working day and adapt the schedules to the rest of Europe ...

There is nothing written in tastes…: Three men got married in Uruguay and go...

In matters of love and taste there are no rules. And this is precisely what happened in Uruguay, where three men got married...

Volcano on uninhabited Galapagos island erupts

The Geophysical Institute of Ecuador reported that the La Cumbre volcano, on one of the Galapagos Islands, erupted this weekend, this being the fourth...