-: FOLLOW US :- @theinsaneapp
LastPass, a password manager giant, has confirmed that cybercriminals have accessed the encrypted password vaults of its customers.
-: FOLLOW US :- @theinsaneapp
These vaults store passwords and other secrets. The breach occurred earlier in the year.
-: FOLLOW US :- @theinsaneapp
LastPass CEO KarimToubba stated that the intruders obtained a copy of a backup customer vault data using stolen cloud storage keys from an employee of LastPass.
-: FOLLOW US :- @theinsaneapp
The customer password vault cache is kept in a proprietary binary format that includes encrypted and unencrypted vault data.
-: FOLLOW US :- @theinsaneapp
However, technical and security details were not disclosed.
-: FOLLOW US :- @theinsaneapp
LastPass doesn't say much about the unencrypted data, including vault-stored web addresses.
It needs to be made clear when the backups were stolen.