Home Ā» LastPass is being sued following major cyberattack
Phishing

LastPass is being sued following major cyberattack

by Techradar - All the latest technology news
written by Techradar - All the latest technology news 0 comment

LastPass has been threatened with legal action following a months-long data breach that began in August 2022 and led to the leak of potentially millions of users’ private information.

A statement by the password manager CEO Karim Toubba at that time claimed a lack of evidence that any customer data was at risk, though a leading cybersecurity and forensics firm was deployed.Ā 

A December 2022 notice announced that ā€œan unknown threat actor accessed a cloud-based storage environment leveraging information obtained from the incidentā€.
LastPass August 2022 leak

According to the class action complaint filed in a Massachusetts court, names, usernames, billing addresses, email addresses, telephone numbers, and even the IP addresses used to access the service were all made available to wrongdoers.Ā 

The final straw in the hat could have been the leak of customersā€™ unencrypted vault data, which includes all manner of information ranging from website usernames and passwords to other secure notes and form data.

According to the lawsuit, ā€œLastPass understood and appreciated the value of this Information yet chose to ignore it by failing to invest in adequate data security measuresā€.

Read more

> These are the best ID theft protection tools> LastPass is about to enter the metaverse> LastPass confirms customer password vaults were stolen

The caseā€™s plaintiff claims to have invested $53,000 in Bitcoin since July 2022, which was later ā€œstolenā€ several months later, leading to police and FBI reports.Ā 

More recently, Toubba took to the companyā€™s blog to announce that ā€œsome source code and technical information were stolen from [LastPassā€™s] development environmentā€, leading to an attack on an employeeā€™s account that saw credentials and keys being stolen. The company has since that it is ā€œdecommissioning that environment in its entirety and rebuilding a new environment from scratch.ā€

While the case plaintiff has demanded a jury trial with regards to the leak and their subsequent losses, it remains to be seen what (if any) action shall be taken against LastPass.

Protect yourself with the best firewalls

Source: Read More

You may also like

Outpost 24’s honeypots register 42 million attacks

How AI chatbot ChatGPT changes the phishing game

Cyber Attack news headlines trending on Google

Attacks on 2 Specialty Care Providers Affect Nearly 600,000

Rapid7 CEO Corey Thomas on Targeting Phishing Infrastructure

DDosia: A botnet created to facilitate DDoS attacks

Leave a Comment

CyberNonStop

Cybernonstop is created to bring news and knowledge through articles to visitors.

Do not forget to subscribe.

  • 3033 Ogden Ave. Suite 113, Lisle IL USA
  • Email: nonstop@cybernonstop.com

About Links

Useful Links

Laest News

Vice Society Ransomware Gang Exposes Sensitive UDE Data in Latest Leak
Google Ads Malware Wipes NFT Influencer’s Crypto Wallet
Q&A with ex-Facebook CSO and Stanford Internet Observatory professor Alex Stamos on overestimating mis- and disinformation’s impact, Brazil, Gamergate, and more (Peter Kafka/Vox)
Blackmarket prices for passwords in early 2000’s

@2021 – All Right Reserved. Designed and Developed by PenciDesign

Facebook Twitter Instagram Linkedin Youtube Email
Close