LastPass Hacked for Second Time This Year

by

Password management app LastPass says it is investigating a security incident after an "unauthorized party" compromised its systems on Wednesday and gained access to some customer information.

lastpass
The information was stored in a third-party cloud service shared by LastPass and parent company GoTo, said LastPass CEO Karim Toubba in a blog post. Toubba said the hackers used information stolen from LastPass' systems in a separate previously disclosed incident that occurred in August of this year. Toubba added in the blog post that "customers' passwords remain safely encrypted."

We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo. We immediately launched an investigation, engaged Mandiant, a leading security firm, and alerted law enforcement.

We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers' information. Our customers' passwords remain safely encrypted due to LastPass’s Zero Knowledge architecture.

According to a blog post dated August 22, the previous incident saw a threat actor gain access to the LastPass Development environment using a developer's compromised endpoint to steal source code and some proprietary LastPass technical information. LastPass said at the time that its systems "prevented the threat actor from accessing any customer data or encrypted password vaults."

LastPass is currently working to understand the scope of Wednesday's incident and identify what specific information has been accessed. GoTo, formerly LogMeIn, said it was also investigating the incident, although it did not explain whether GoTo users were also impacted by the hack. In the meantime, LastPass products and services remain "fully functional," said Toubba.

Tags: LastPass, Security

Popular Stories

iOS 26 on Three iPhones

iOS 26's Liquid Glass Design Draws Criticism From Users

Wednesday September 17, 2025 2:56 pm PDT by
It's been two days since iOS 26 was released, and Apple's new Liquid Glass design is even more divisive than expected. Any major design change can create controversy as people get used to the new look, but the MacRumors forums, Reddit, Apple Support Communities, and social media sites seem to feature more criticism than praise as people discuss the update. Complaints There are a long...
Read Full Article594 comments
iOS 26

iOS 26.1 to iOS 26.4: Here Are 5 New Features to Expect on Your iPhone

Tuesday September 16, 2025 11:17 am PDT by
iOS 26 was finally released on Monday, but the software train never stops, and the first developer beta of iOS 26.1 will likely be released soon. iOS 18.1 was an anomaly, as the first developer beta of that version was released in late July last year, to allow for early testing of Apple Intelligence features. The first betas of iOS 15.1, iOS 16.1, and iOS 17.1 were all released in the second ...
Read Full Article37 comments
M6 MacBook Pro Feature 1

Apple's Rumored MacBook Pro Redesign: 6 New Features Anticipated

Wednesday September 17, 2025 4:26 am PDT by
Apple in October 2024 overhauled its 14-inch and 16-inch MacBook Pro models, adding M4, M4 Pro, and M4 Max chips, Thunderbolt 5 ports on higher-end models, display changes, and more. That's quite a lot of updates in one go, but if you think this means a further major refresh for the ‌MacBook Pro‌ is now several years away, think again. Bloomberg's Mark Gurman has said he expects only a small ...
Read Full Article68 comments
iOS 26 Glass Feature

iOS 26: The Top 100 New Features and Changes

Tuesday September 16, 2025 12:26 pm PDT by
Apple released iOS 26 on September 15, and it's now available for all iPhone users with a compatible device. There are a lot of changes and features to learn about, so if you want a quick, easy-to-read list that outlines what's new, we've got you covered. Design Liquid Glass design that reflects light and refracts what's underneath. It's system wide, with dynamic tab bars and toolbars...
Read Full Article38 comments
ios 26 liquid glass dark mode

iOS 26 Liquid Glass Design Makes App Icons Look Crooked, Report Users

Wednesday September 17, 2025 4:55 am PDT by
iOS 26's new Liquid Glass interface has been criticized for making some content illegible in certain circumstances, and now the UI design is reportedly causing another unusual visual problem for some users. Liquid Glass adds subtle glowing effects to the corners of app icons, creating a dynamic glass-like appearance with depth and parallax effects. However, as noted by Gizmodo, this design...
Read Full Article207 comments
AirPods Pro Firmware Feature

AirPods Pro 2 and AirPods 4 Get iOS 26 Features With New Firmware Update

Monday September 15, 2025 10:50 am PDT by
Apple today released updated firmware for the AirPods Pro 2 and the AirPods 4, introducing support for the new AirPods features that are included in iOS 26, iPadOS 26, and macOS Tahoe. The firmware has a build number of 8A356, and it replaces the current 7E93 firmware. With Apple's new software updates, the AirPods Pro 2 and the AirPods 4 support better audio quality for phone calls and...
Read Full Article67 comments
iOS 26

iOS 26.0.1 Coming Soon, Likely With iPhone Air and iPhone 17 Pro Fix

Thursday September 18, 2025 9:17 am PDT by
Apple is preparing to release iOS 26.0.1, according to a private account on X with a proven track record of sharing information about future iOS versions. The update will have a build number of 23A350, or similar, the account said. It is likely that iOS 26.0.1 will fix a camera-related bug on the new iPhone Air and iPhone 17 Pro models. In his iPhone Air review, CNN Underscored's Henry T. ...
Read Full Article63 comments

Top Rated Comments

willzyx Avatar
willzyx
37 months ago

Why would you not use the built in password manager and instead willingly pay to use another, less secure, manager?
Because 3rd party password managers (1password, keeper, bitwarden) offer a lot more flexibility and security than Apple's built-in manager. Apple's version is good enough for basic functions, anything more and a dedicated manager is far more advanced. Everyone knows that LastPass is trash and has always been trash.
Score: 32 Votes (Like | Disagree)
Abazigal Avatar
Abazigal
37 months ago

Why would you not use the built in password manager and instead willingly pay to use another, less secure, manager?
It’s a pain to retrieve passwords when you want to key them into a non-Apple device. For example, when I went to log in to an account on my windows work laptop, I can view said password via the 1Password app on my Apple Watch. It’s also much easier to generate / change passwords in the 1Password app. iCloud Keychain really needs its own standalone manager app, rather than being hidden in the settings app.
Score: 30 Votes (Like | Disagree)
djcerla Avatar
djcerla
37 months ago
… but this time it’s the LastTime!
Score: 29 Votes (Like | Disagree)
ProfessionalFan Avatar
ProfessionalFan
37 months ago
I switched all my passwords to iCloud passwords. Not only does it work more seamlessly as an Apple ecosystem member, but it feels more secure.
Score: 25 Votes (Like | Disagree)
Poleri Avatar
Poleri
37 months ago
This is why I use BitWarden for years. :cool:
Score: 21 Votes (Like | Disagree)
TriBruin Avatar
TriBruin
37 months ago

That used to be true but now that they added 2FA and notes there isn’t much of a difference and, in Apple slickness, the 2FA integration is one tap seamless. The only reason I use BitWarden as well is for redundancy. I would like to see categories added, I do like that in BW.
Not much difference? If so, where can I get these features using iCloud:


* Multiple vaults so I can separate personal from work passwords?
* Ability to give family members access to certain passwords (like streaming services) while keeping other passwords only to myself
* Ability to store sensitive documents, along with personal information (Drivers License numbers, SSNs, etc.)
* Ability to fill MORE than just user name and password fields (At aa.com, I have to enter my number and last name to log in.)
* Ability to recognize when a site uses SSO via Apple, Google, GitHub, etc. and remember that setting so the next time I go to that site it takes me direcly to the correct SSO login?
* Save my SSH keys so I don't have to manually copy them to each computer I use?

If you have basic needs, sure iCloud works. But, the best Password managers do SO much more. People need to stop saying that Apple is "almost the same". They are not even in the same ballpark.
Score: 19 Votes (Like | Disagree)
Read All Comments