This is LastPass, used by about 33 million users. Its director, Karim Toubba, confirmed the news but assured that personal data was not affected.
It’s not a joke, nor is it a joke. LastPassone of the computer password managers most used in the world confirmed that was hacked by a hacker that stole your source code and proprietary information after breaking into their systems. Although, according to the company, that it did not affect data or credentials saved by users.
The news was confirmed by the executive director of that company, Karim Toubbawhich in a statement said: “We discovered that an unauthorized actor gained access to parts of the development environment of LastPass through a single compromised developer account and took parts of the source code and some proprietary technical information”. The CEO added that the company’s products and services kept normal operation.
Toubba further commented that they found no evidence of information theft by the attackers. In other words (according to the official report) the hackers who accessed the service no passwords or user information were taken.
“In response to the incident, we implemented containment and mitigation measures, and we hired a leading cybersecurity and forensic analysis firm. While our investigation is ongoing, we have achieved a state of containment, implemented additional enhanced security measures, and see no further evidence of unauthorized activity.”
It is not the first time that the company is at the center of the scene and looks askance. Last year the German security researcher, Mike Kuketz, published that the Android app had seven ad trackers and integrated analytics that collected data cfor commercial purposes.
The computer scientist considered it unacceptable that applications that process extremely sensitive data have and analysis modules integrated into them: “To put it in general terms: applications that process sensitive data they should not integrate external code that is not their property And it’s not transparent.
These tracking systems (trackers) showed companies the model of the users’ device or if the equipment used biometric data. Kuketz recommended on the occasion to stop using LastPass, according to the site. The Register.
DB