LastPass, a Password management solution firm disclosed a security breach.
Threat actors had access to part of its development environment through a single compromised developer account and stole portions of source code and some proprietary technical information.
The company has deployed containment and mitigation measures and is implementing additional enhanced security measures as a post incident measures.
“Two weeks ago, we detected some unusual activity within portions of the LastPass development environment. An unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information. Our products and services are operating normally.”LastPass statement
The company engaged a leading cybersecurity and forensics firm to investigate the incident, it confirmed that the data breach did not compromise users’ Master Passwords.
LastPass claims that its investigation has shown no evidence of any unauthorized access to customer data in its production environment.
LastPass, which as more than 30 million users worldwide states that it will continue to update its customers with the transparency they deserve