The famous password management platform LastPass recently sent an email to users saying it had been compromised.
In the post, LastPass CEO Karim Toubba said he noticed anomalies on the platform two weeks ago. The company immediately went into containment mode, implementing mitigation measures, including partnering with a cybersecurity company to open a detailed investigation.
Although the investigation is still ongoing, the LastPass CEO said there is no indication of access to user data or encrypted password vaults. He said LastPass source code and proprietary technical documentation were stolen.
LastPass has yet to disclose details of the breach, but says one party gained unauthorized access to gain access by compromising a developer account.
The company emphasizes that no customer, password or user data has been breached as the unauthorized account also does not have access to this information.
As a result, LastPass hasn’t advised users to take steps to protect themselves, but said it will continue to provide updates as more details become available.
The LastPass incident is cyber security the second high-profile Plex – software that provides multimedia streaming services – has confirmed the compromised database, emails, usernames and encrypted passwords were stolen.