Skip to content

LastPass breach: Passwords are safe, source code leaked

Photo by Tada Images/

Lastpass systems were breached and the cybercriminals got away with portions of source code, and some proprietary tech information but none of the customer data or encrypted password vaults was accessed.

The company found out that a single compromised developer account allowed the cybercriminals to gain access to portions of Lastpass development environment, which allowed them to steal portions of the source code and proprietary data.

Lastpass confirmed that the breach didn’t affect their products or services and all systems are running as usual and they don’t see “further evidence of unauthorised activity”.

According to the company, no Master Password was compromised, which by extension means all the passwords should be safe.

“After initiating an immediate investigation, we have seen no evidence that this incident involved any access to customer data or encrypted password vaults,” Lastpass confirmed on Thursday.

In December 2021, Lastpass blamed credential stuffing as dozens of people received email notifications that their master password was compromised and further login attempts were blocked. However, it was also reported that thousands of Lastpass login credentials were found in Redline Stealer malware logs.

“At this time, we don’t recommend any action on behalf of our users or administrators. We have deployed containment and mitigation measures, and engaged a leading cybersecurity and forensics firm,” Lastpass said.

In the News: SpaceX’s Starlink will soon fill dead zones in T-Mobile’s network

Hello There!

If you like what you read, please support our publication by sharing it with your friends, family and colleagues. We're an ad-supported publication. So, if you're running an Adblocker, we humbly request you to whitelist us.

We may earn a commission if you buy something from a link on this page. Thanks for your support.