{"id":56638,"date":"2022-08-26T02:58:58","date_gmt":"2022-08-26T02:58:58","guid":{"rendered":"https:\/\/harchi90.com\/lastpass-source-code-blueprints-stolen-by-intruder-the-register\/"},"modified":"2022-08-26T02:58:58","modified_gmt":"2022-08-26T02:58:58","slug":"lastpass-source-code-blueprints-stolen-by-intruder-the-register","status":"publish","type":"post","link":"https:\/\/harchi90.com\/lastpass-source-code-blueprints-stolen-by-intruder-the-register\/","title":{"rendered":"LastPass source code, blueprints stolen by intruder \u2022 The Register"},"content":{"rendered":"<div id=\"body\">\n<p>Internal source code and documents have been stolen from LastPass by a cyber-thief.<\/p>\n<p>The password manager maker said on Thursday that someone broke into one of its developer&#8217;s accounts, and used that to gain access to proprietary data.<\/p>\n<p>The we, a big beast in the security world and based in Massachusetts, insisted that its users&#8217; passwords were still safe, adding that theft took place about two weeks ago.  GoTo-owned LastPass is said to have more than 25 million users and 80,000 business customers.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\">\n        <noscript><\/p>\n<p>                <\/p>\n<p>        <\/noscript>\n    <\/div>\n<p>&#8220;We have determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information,&#8221; CEO Karim Toubba said in a statement.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\">\n            <noscript><\/p>\n<p>                    <img src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Ywg28R8CFvG9pyd3RPKcaQAAARA&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt=\"\"\/><\/p>\n<p>            <\/noscript>\n        <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\">\n                <noscript><\/p>\n<p>                        <img src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Ywg28R8CFvG9pyd3RPKcaQAAARA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt=\"\"\/><\/p>\n<p>                <\/noscript>\n            <\/div>\n<\/p><\/div>\n<p>&#8220;Our products and services are operating normally.&#8221;<\/p>\n<p>Toubba added:<\/p>\n<p>The break-in became apparent, we&#8217;re told, after &#8220;some unusual activity&#8221; was detected in the development area of \u200b\u200bLastPass&#8217;s computer network.  The software house said it had contained the security breach, taken steps to prevent it happening again, and contacted outside infosec experts for help.<\/p>\n<div class=\"promo_article\"><img loading=\"lazy\" src=\"https:\/\/i0.wp.com\/regmedia.co.uk\/2019\/12\/09\/puzzled_shutterstock.jpg?resize=174%2C115&#038;ssl=1\" alt=\"puzzled\" width=\"174\" height=\"115\" data-recalc-dims=\"1\" \/><\/p>\n<h2 title=\"You just save it in Chrome or Firefox? Ugh. And then it autofills when you need it again? Oh the horror\">We can&#8217;t believe people use browsers to manage their passwords, says maker of password management tools<\/h2>\n<p><span>READ MORE<\/span><\/div>\n<p>The chief exec said his outfit may take further steps to shore up its network defenses.<\/p>\n<p>LastPass offers a software vault that stores your username and password pairs for logging into websites, saving you from having to memorize lots of long complex strings: you can create unique and tough to crack passwords for each site account and have them saved in your vault.  A master passphrase is needed to unlock and use these credentials.  All you have to do is create and remember that secret phrase.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\">\n            <noscript><\/p>\n<p>                    <img src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Ywg28R8CFvG9pyd3RPKcaQAAARA&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt=\"\"\/><\/p>\n<p>            <\/noscript>\n        <\/div>\n<p>We&#8217;re told that these master passwords are still safe, and haven&#8217;t been compromised or accessed by the intruder, and the contents of people&#8217;s vaults are also untouched.  For one thing, LastPass doesn&#8217;t know or keep a copy of your master password: that&#8217;s for you to memorize and protect.<\/p>\n<p>Sit back and relax is the message.  &#8220;Our investigation has shown no evidence of any unauthorized access to customer data in our production environment,&#8221; LastPass added in a statement.  &#8220;At this time, we don&#8217;t recommend any action on behalf of our users or administrators.&#8221;<\/p>\n<p>That said, LastPass has not been blunder free over the years.  In 2019, it fixed a bug websites could exploit to steal passwords for accounts on other sites, it had a serious password-leaking flaw in its code in 2017, and so on.  \u00ae<\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Internal source code and documents have been stolen from LastPass by a cyber-thief. The password manager maker said on Thursday that someone broke into one of its developer&#8217;s accounts, and used that to gain access to proprietary data. The we, a big beast in the security world and based in Massachusetts, insisted that its users&#8217; &hellip;<\/p>\n<p class=\"read-more\"> <a class=\"\" href=\"https:\/\/harchi90.com\/lastpass-source-code-blueprints-stolen-by-intruder-the-register\/\"> <span class=\"screen-reader-text\">LastPass source code, blueprints stolen by intruder \u2022 The Register<\/span> Read More &raquo;<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-global-header-display":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true},"categories":[4],"tags":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":56754,"url":"https:\/\/harchi90.com\/lastpass-password-manager-used-by-millions-across-the-world-says-it-was-hacked\/","url_meta":{"origin":56638,"position":0},"title":"LastPass, Password Manager Used By Millions Across the World Says It Was Hacked","date":"August 26, 2022","format":false,"excerpt":"LastPass is a password manager used by over 33 million people around the world. (Representational)LastPass, a password manager used by more than 33 million people around the world, said a hacker recently stole source code and proprietary information after breaking into its systems.The company doesn't believe any passwords were taken\u2026","rel":"","context":"In &quot;Technology&quot;","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":64153,"url":"https:\/\/harchi90.com\/samsung-just-had-a-data-breach\/","url_meta":{"origin":56638,"position":1},"title":"Samsung Just Had a Data Breach","date":"September 2, 2022","format":false,"excerpt":"Mykolastock \/ Shutterstock.com Many popular services have reported data security breaches over the past two weeks, including LastPass, Plex, and DoorDash. You can now add Samsung to the list, as the company just confirmed some customer data was stolen. Samsung announced on Friday, September 2 that the company \u201crecently discovered\u2026","rel":"","context":"In &quot;Technology&quot;","img":{"alt_text":"Samsung logo sign.","src":"https:\/\/i0.wp.com\/www.howtogeek.com\/wp-content\/uploads\/2022\/07\/Samsung-logo-sign.jpg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":45202,"url":"https:\/\/harchi90.com\/the-top-2fa-apps-updated-august-22\/","url_meta":{"origin":56638,"position":2},"title":"The top 2FA apps (updated August 22)","date":"August 14, 2022","format":false,"excerpt":"Your online accounts are much safer when you rely on more than only a password, and that's where two-factor authentication (2FA) apps come in. You can use them to create an extra layer of security for your accounts, requiring you to enter a one-time password (OTP) in addition to your\u2026","rel":"","context":"In &quot;Technology&quot;","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":40593,"url":"https:\/\/harchi90.com\/1passwords-big-app-redesign-brings-desktop-features-to-mobile\/","url_meta":{"origin":56638,"position":3},"title":"1Password&#8217;s big app redesign brings desktop features to mobile","date":"August 9, 2022","format":false,"excerpt":"It took several months, but you now have access to 1Password's major updates on your phone. The company has released 1Password 8 for Android and iOS, and many of the desktop version's features have carried over to mobile. For starters, there's a new home screen that provides quicker, customized access\u2026","rel":"","context":"In &quot;Technology&quot;","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":10389,"url":"https:\/\/harchi90.com\/what-password-manager-do-you-use\/","url_meta":{"origin":56638,"position":4},"title":"What password manager do you use?","date":"July 10, 2022","format":false,"excerpt":"There's no shortage of digital lockers to pick from on Android When it comes to passwords, Google's been on a tear lately. The company has been working behind the scenes over the last couple of months to raise the bar for how its password manager works on Android and Chrome\u2026","rel":"","context":"In &quot;Technology&quot;","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"fifu_image_url":"https:\/\/regmedia.co.uk\/2021\/09\/13\/shutterstock_broke_key.jpg","_links":{"self":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts\/56638"}],"collection":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/comments?post=56638"}],"version-history":[{"count":0,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts\/56638\/revisions"}],"wp:attachment":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/media?parent=56638"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/categories?post=56638"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/tags?post=56638"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}