It turned out that the password and personal information of the password management application 'LastPass' were stolen

Password management app LastPass has seen hackers gain unauthorized access to customer data since its source code was stolen in an unauthorized access in August 2022. LastPass announced on December 22, 2022 that data such as user personal information and passwords were leaked due to unauthorized access.

Notice of Recent Security Incident - The LastPass Blog
https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/

LastPass says hackers stole customers' password vaults | TechCrunch
https://techcrunch.com/2022/12/22/lastpass-customer-password-vaults-stolen/

LastPass users: Your info and password vault data are now in hackers' hands | Ars Technica
https://arstechnica.com/information-technology/2022/12/lastpass-says-hackers-have-obtained-vault-data-and-a-wealth-of-customer-info/

In August 2022, LastPass revealed that hackers had leaked some of its source code and some of its technical information.

A situation where the source code of the password management application 'LastPass' is stolen occurs - GIGAZINE

In early December 2022, it was found that someone illegally accessed LastPass user data by using the source code leaked in August.

It turns out that a hacker accessed customer data using the source code stolen from the password management application 'LastPass' - GIGAZINE

At the time of the unauthorized access in August and early December, LastPass said, ``LastPass's Zero Knowledge architecture has not affected users' encrypted passwords, personal information, or other data.'' The official announcement on December 22, 2022 admits that a hacker has leaked the user's personal information and password.

On the other hand, LastPass does not store the user's credit card number in the cloud, so it was not possible to confirm any evidence that the credit card information was leaked.

LastPass encourages users to change their Master Password. In addition, if your master password is a weak password that can be easily guessed, or if you reuse passwords, we recommend that you change the passwords for bank accounts, SNS accounts, etc. that are linked to your master password. increase.

He also said, `` Multi-factor authentication is a means to make it difficult for hackers to gain unauthorized access,'' and set multi-factor authentication for important accounts such as email accounts and phone company accounts to enhance security. is recommended.