LasPass, a password management service, has discovered that it was impacted by another breach of customer information that is potentially linked to a previous security breach that occurred in August. The investigation into the original incident is ongoing and being conducted by Mandiant. Additionally, law enforcement was notified of the original data breach. LastPass stated that the company recently detected unusual activity in a third-party cloud storage service. The service is shared by LasPass and its affiliate GoTo.
LastPass also stated that it believes the unauthorized party used information obtained in the incident that occurred earlier this year and was able to gain access to certain customer information. The company confirmed that customers’ passwords remain safely encrypted as it deploys Zero Knowledge architecture. LastPass did not confirm what type of customer data was compromised in the recent incident.
