![]() LastPass chief executive Karim Toubba says ‘unauthorized party. However, LastPass now says that the threat actor was actively engaged in a new series of reconnaissance, enumeration, and exfiltration activity aimed at the company’s the cloud storage environment from August 12 to October 26, 2022. LastPass says that a threat actor was able to steal corporate and customer data last year by hacking an employee’s personal computer to access the company’s cloud storage. Security News GoTo, LastPass Confirm Hacker Attack On Shared Cloud-Storage Services Jay Fitzgerald November 30, 2022, 06:59 PM EST. The first intrusion ended on August 12 last year. The company had divulged information about the data breaches last year the update reveals for the first time that the same threat actor was responsible for both breaches. The threat actor involved in the breaches infected the engineer’s home computer with a keylogger, which recorded information that enabled a cyberattack that exfiltrated sensitive information from the company’s AWS cloud storage servers, LastPass said in a cybersecurity incident update Monday. ![]() However, it does not appear to be isolated to defunct credentials. ![]() Password management company LastPass, which was hit by two data breaches last year, has revealed that data exfiltrated during the first intrusion, discovered in August, was used to target the personal home computer of one of its devops engineers and launch a second successful cyberatttack, detected in November. LastPass users on the Hacker News forum are reporting login attempts on old and inactive accounts.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |