LastPass becomes a cyber attack victim for the second time, using data from the first


It is a well-known fact that those spreading malware such as ransomware strike the same victim twice when the victim neglects to fix the vulnerability that previously led to a data breach. The same thing happened to LastPass, a company that offers password management services.

According to the details available to Cybersecurity Insiders, threat actors used credentials stolen in the cyber attack launched in August last year to infiltrate the same database for a second time.

Official information is out that the threat actors used the same credentials stolen in August 2022 to leverage information from the LastPass development environment for a second time.

From a technical point of view, the cyber crooks used the stolen source code and other technical details obtained from keylogger malware planted on the device of a DevOps engineer to launch a second digital attack at the end of last year.

It’s reported that the same information was used to target another employee to steal data from large cloud storage volumes by keying in the master password.

In other words, even after learning about the digital attack, the company failed to close the security gap on a cloud storage server, allowing the criminals to copy information from a backup server for the second time. This time they managed to steal customer account details and linked metadata, including email addresses, telephone numbers, billing addresses, end-user names and employee full names, along with the IP addresses of the devices used to access the LastPass website.

This could be the effect of BYOD or WFH culture, where employees are given the privilege of working from their comfort zones, and basic security practices vanish into thin air.

In its latest statement, LastPass says that it has upgraded its security posture and is also trying to add an extra S3 security layer to bolster its logging and alerting mechanisms.

Users are also being urged to change their master password to mitigate risks associated with the password theft from the company's storage vault.


Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security
