Data Breach
LastPass Data Breach
33.0M records exposed • August 2022
Hackers broke into a LastPass engineer's home computer, then used that access to steal everyone's encrypted password vaults. If your master password was weak, all your passwords could be cracked.
What Happened
LastPass suffered a devastating breach where attackers compromised a DevOps engineer's home computer to access encrypted customer password vaults.
Attack method: Compromised DevOps engineer home computer
What Data Was Exposed
Encrypted password vaults, Email addresses, Company names, Billing addresses, IP addresses, Website URLs
Is your business exposed?
What to Do If You're Affected
- 1.
Change your LastPass master password
- 2.
Change all passwords stored in LastPass
- 3.
Consider switching password managers
Lessons for Businesses
- • Work-from-home security extends the attack surface
- • Password managers are high-value targets
- • Encryption is only as strong as the master password
Sources
Related Breaches
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required