
Hackers Had Access to LastPass’s Development Systems for Four Days

Password management solution LastPass shared more details pertaining to the security incident last month, disclosing that the threat actor had access to its systems for a four-day period in August 2022.

“There is no evidence of any threat actor activity beyond the established timeline,” LastPass CEO Karim Toubba said in an update shared on September 15, adding, “there is no evidence that this incident involved any access to customer data or encrypted password vaults.”

LastPass in late August revealed that a breach targeting its development environment resulted in the theft of some of its source code and technical information, although no further specifics were offered.

The company, which said it completed the probe into the hack in partnership with incident response firm Mandiant, said the access was achieved using a developer’s compromised endpoint.

While the exact method of initial entry remains “inconclusive,” LastPass noted the adversary abused the persistent access to “impersonate the developer” after the victim had been authenticated using multi-factor authentication.

The company reiterated that, despite the unauthorized access, the attacker failed to obtain any sensitive customer data owing to the system design and zero trust controls put in place to prevent such incidents. These include complete separation of development and production environments and the inability to access customer password vaults without a master password set by the user.

“Without the master password, no one other than the vault owner can decrypt the vault data,” said Toubba.

Additionally, source code integrity checks were performed to look for signs of contamination, revealing that developers did not have the necessary permissions to transfer source code directly from development to production.

Finally, LastPass said it uses the services of “big” cybersecurity companies to improve its source code security practices, and that it has implemented additional endpoint security guardrails to better detect and prevent attacks on its systems.
