Authentication software firm LastPass announces access to proprietary data

Authentication software firm LastPass announces access to proprietary data

https://www.theregister.com/2022/08/25/lastpass_security/

Exploit: Ransomware
LastPass: Software Company

March-21-post-image

Risk to Business: 1.836 = Severe
Authentication software firm LastPass said on Thursday that someone broke into one of its developer’s accounts and used that to gain access to proprietary data including source code. The company said in a statement that the incident had been contained and that they see no further evidence of unauthorized activity. LastPass says there is no evidence that customer data or encrypted password vaults were compromised. This breach may be related to the recent Twilio hack which impacted many companies. 

Individual Impact:
No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: The Information Technology sector was one of the 14 critical infrastructure sectors most victimized by ransomware last year.

Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.