Password manager LastPass has been hacked

The CEO of password-manager company LastPass Karim Toubba said Thursday that it was recently hacked, but the company sees no evidence the incident exposed any customer data or passwords.

The software allows users to store their passwords for various accounts and websites in a "vault" that can be unlocked with a singular master password, also providing customers with auto-generated passwords designed to be hard to guess.

As detailed by LastPass, an unauthorized third party gained access to the developer environment through a compromised developer account. While some proprietary source code and other proprietary info was stolen, LastPass has clarified that no sensitive user info, such as master passwords, encrypted account passwords, or account information, was taken by the attacker.

Toubba said the company became aware of the hack after observing unusual activity two weeks ago. LastPass said its software is designed so that the company can never know or gain access to customers' master passwords.

"Our investigation has shown no evidence of any unauthorized access to encrypted vault data," the company wrote on a frequently asked questions page. "Our zero knowledge model ensures that only the customer has access to decrypt vault data."

Read more -here-

• OpenAI announces new o3 models
• Samsung to announce AI hybrid cooling refrigerators at CES 2025
• Bad actors steal $5.36M in LastPass attack
• FTC announces final rule banning junk fees on tickets and hotels
• EU officially begins work on $11 billion Starlink rival, IRIS2
• Microsoft kills off Skype credits and phone numbers in favor of subscriptions