These keys allowed the threat actor to copy and exfiltrate certain customer data from backups. Those shared folders contained a bevy of sensitive data, including decryption keys for crucial cloud resources. One of Monday's updates provided further details on how the threat actor stole the keys - by hacking into the home system of a LastPass DevOps engineer who had access to "a highly restricted set of shared folders" in a corporate LastPass vault. According to LastPass CEO Karim Toubba, an unnamed threat actor used data obtained from the August breach to target an employee and steal credentials and decryption keys. The second incident was first disclosed as an incident "under investigation" in late November before being detailed in a Dec.
The first incident was initially disclosed last August and involved the theft of "proprietary LastPass technical information" and source code.
LastPass on Monday provided additional details surrounding the two breaches it suffered last year.
0 kommentar(er)
