LastPass, the world’s most popular password management software, has been hacked

I believe that many friends have used the LastPass extension, which allows you to only remember one password online, and you can log in to all websites that require a password.

Lastpass is an online password manager and page filter with strong encryption algorithm, automatic login/cloud synchronization/cross-platform/support for multiple browsers, with more than 33 million users worldwide.

On August 25, LastPass posted on its official blog that a recent hacker had stolen source code and proprietary information after breaking into its system. But they don't think any passwords have been stolen and users don't need to take action to protect their accounts.

https://blog.lastpass.com/2022/08/notice-of-recent-security-incident/

LastPass CEO Karim Touba said the hackers gained access to parts of the LastPass development environment through a compromised developer account, and obtained some source code and some proprietary LastPass technical information. "Our products and services are functioning properly."

In response to the incident, LastPass deployed containment and mitigation measures and hired a leading cybersecurity and forensics firm.

LastPass stressed that the incident did not reveal user passwords. "We never store or know your master password. We employ an industry-standard zero-knowledge architecture to ensure LastPass never knows or accesses our customers' master passwords."