The keylogger captured the engineer’s Master Password for a LastPass vault used by other staffers. However, besides the one anonymous source, nothing ties Plex to the LastPass breach. An anonymous source told Ars Technica the hackers exploited a vulnerability in Plex installed on the engineer's computer, allowing them to install keylogging malware. LastPass' blog post says the hackers targeted one of its DevOps engineers.
LastPass explains it's now clear this attack is linked to the August breach, but that begs the question how an attack of this magnitude flew under the company's radar. The breached information includes plaintext data, encrypted text, website data like usernames and passwords, secure notes, and information for filling forms.
Barely two months have passed since this revelation, and LastPass now confirms the bad actors certainly have access to customer vault data. It involved a breach of an employee's personal computer, which allowed access to backups of LastPass users' vaults.
After an investigation, management maintained that user data was safe until another related security incident came to light in December 2022. To recall, LastPass suffered a breach in August last year, which allowed hackers to steal the password manager's source code.
0 kommentar(er)
