There has been no contact or demands made, and there has been no detected credible underground activity indicating that the threat actor is actively engaged in marketing or selling any information obtained during either incident. To date, however, the identity of the threat actor and their motivation remains unknown. We have shared technical information, Indicators of Compromise (IOCs), and threat actor tactics, techniques, and procedures (TTPs) with law enforcement and our threat intelligence and forensic partners. Rather, the threat actor exploited a vulnerability in third-party software, bypassed existing controls, and eventually accessed non-production development and backup storage environments. Neither incident was caused by any LastPass product defect or unauthorized access to – or abuse of – production systems. The two incidents that we disclosed last year affected LastPass and our customers. WHAT HAPPENED AND WHAT ACTIONS DID WE TAKE? If you would prefer to skip ahead to review LastPass’s recommended actions for protecting your account or your business, please click here for consumers or click here for business administrators. In sharing these additional details today, and in our approach going forward, we are determined to do right by our customers and communicate more effectively. The length of the investigation left us with difficult trade-offs to make in that regard, but we understand and regret the frustration that our initial communications caused for both the businesses and consumers who rely on our products. We have heard and taken seriously the feedback that we should have communicated more frequently and comprehensively throughout this process. Given the volume of information we are sharing today, we have structured this update with summaries that include embedded links to provide more detailed information on each topic. We are privileged to serve millions of users and more than 100,000 businesses, and we want to ensure that all of our customers have the information they need to answer their questions. What actions should you take to protect yourself or your business?.What happened and what actions did we take?.In today’s update, I’ll review those measures and highlight additional security steps that we are taking.
Over the same period, we invested a significant amount of time and effort hardening our security while improving overall security operations. We have now completed an exhaustive investigation and have not seen any threat-actor activity since October 26, 2022.ĭuring the course of our investigation, we have learned a great deal more about what happened and are sharing new findings today. I want to share with you an important update about the security incident we disclosed on December 22, 2022.
0 kommentar(er)
