LastPass information leaks were caused by the hacking of an employee's home PC



Incidents involving the password management system 'LastPass' have been reported one after another, with its source code leaking in August 2022 and user information leaking in December 2022. LastPass has now announced that the series of information leaks was caused by an employee's PC being attacked and a keylogger being installed on it.

Incident 2 – Additional details of the attack - LastPass Support
https://support.lastpass.com/help/incident-2-additional-details-of-the-attack

LastPass is a service that stores password information for web services, and user passwords are stored in encrypted form on LastPass servers. However, in August 2022, it emerged that LastPass's source code had been stolen. Furthermore, in December 2022, it was announced that personal information, including user passwords, had been leaked.

It turns out that the password and personal information of the password management application 'LastPass' were stolen - GIGAZINE



LastPass has now announced that the series of information leaks was due to an employee's PC being hacked.

LastPass uses Amazon's cloud storage service "Amazon Simple Storage Service (Amazon S3)" and said that it had assigned Amazon S3 access keys to four employees. However, the home PC of one of the four was hacked and a keylogger was installed, and as a result the Amazon S3 access key was stolen.

The attacker used the stolen access key to steal LastPass backup data, company shared data, and more. According to LastPass, because the attacker accessed the various data with an administrator's access key, the "abnormal behavior" was not detected, which delayed discovery of the problem.
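As an added illustration (not from LastPass or the original article): a stolen but valid access key passes any check that looks only at the credential, yet its use can still be compared against that key's own history. The sketch below assumes CloudTrail S3 data events are being logged; the key ID, IP addresses, bucket name, timestamps and the volume threshold are all constructed placeholders.

```python
from collections import defaultdict

# Constructed CloudTrail-style S3 data events (not real logs). Field names follow
# the CloudTrail record format; key ID, IPs and bucket name are placeholders.
def ev(t, key, ip, name="GetObject", bucket="example-backups"):
    return {"eventTime": t, "eventSource": "s3.amazonaws.com", "eventName": name,
            "sourceIPAddress": ip, "userIdentity": {"accessKeyId": key},
            "requestParameters": {"bucketName": bucket}}

KEY = "AKIAEXAMPLEADMIN1"  # placeholder, not a real key ID
BASELINE = [ev(f"2022-01-0{d}T09:00:00Z", KEY, "198.51.100.10") for d in range(1, 6)]
OBSERVED = (
    [ev("2022-01-08T09:05:00Z", KEY, "198.51.100.10")]  # normal admin use
    + [ev(f"2022-01-08T02:{m:02d}:00Z", KEY, "203.0.113.77") for m in range(40)]
)

def build_baseline(events):
    """Per access key: source IPs seen and the busiest hour's request count."""
    ips, hourly = defaultdict(set), defaultdict(lambda: defaultdict(int))
    for e in events:
        key = e["userIdentity"]["accessKeyId"]
        ips[key].add(e["sourceIPAddress"])
        hourly[key][e["eventTime"][:13]] += 1  # bucket by YYYY-MM-DDTHH
    return {k: {"ips": ips[k], "peak": max(hourly[k].values())} for k in ips}

def find_anomalies(events, baseline, volume_factor=10):
    """Flag valid-key activity whose context departs from the key's baseline."""
    findings, hourly, seen = [], defaultdict(int), set()
    for e in events:
        key, ip = e["userIdentity"]["accessKeyId"], e["sourceIPAddress"]
        base = baseline.get(key, {"ips": set(), "peak": 0})
        # The key is valid, but it has never been used from this address.
        if ip not in base["ips"] and (key, ip) not in seen:
            seen.add((key, ip))
            findings.append(("new_source_ip", key, ip))
        # Report once per key and hour, when the count first passes the threshold.
        hour = e["eventTime"][:13]
        hourly[(key, hour)] += 1
        if hourly[(key, hour)] == max(base["peak"], 1) * volume_factor + 1:
            findings.append(("request_volume_spike", key, hour))
    return findings

if __name__ == "__main__":
    for finding in find_anomalies(OBSERVED, build_baseline(BASELINE)):
        print(finding)
```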

LastPass has strengthened security for the employee whose PC was hacked and for Amazon S3. It is also calling on LastPass users to improve their security, such as by changing their master password and enabling two-factor authentication.

in Security, Posted by log1o_hf