Hackers steal source code from LastPass, world’s most popular password manager
- The platform, used by more than 33 million people around the world, said it doesn’t believe any passwords were taken as part of the breach
- It added the perpetrators were able to gain access through a single compromised developer’s account
LastPass, a password manager used by more than 33 million people around the world, said a hacker recently stole source code and proprietary information after breaking into its systems.
The company doesn’t believe any passwords were taken as part of the breach and users shouldn’t have to take action to secure their accounts, according to a blog post on Thursday.
An investigation determined that an “unauthorised party” cracked into its developer environment, which is the software that employees use to build and maintain LastPass’s product. The perpetrators were able to gain access through a single compromised developer’s account, the company said.
The attack struck a company that generates and stores hard-to-crack, auto-generated passwords for multiple accounts, like Netflix or Gmail, on behalf of its users – without the need to manually enter credentials. LastPass lists Patagonia, Yelp Inc. and State Farm as customers on its website.
Cybersecurity website Bleeping Computer reported that it had asked LastPass about the breach two weeks ago.