Something doesn't look right?

LastPass Data Breach Aug 2022

No known CVEs used

Subscribe for weekly updates

Security Incident Summary

Severity Score

Significant to High

Organization

LastPass

Threat Actor

Unknown

Actor Type

Unknown

Type of Breach

Data Breach

News Timeline

Feb 27, 2023

TTP Disclosed

LastPass says employee’s home computer was hacked and corporate vault taken arstechnica.com - The threat actor in the LastPass breach exploited a vulnerable third-party media software package on a senior DevOps engineer's home computer, allowing them to install keylogger malware and capture th...
Show more

TTP

Organization Details

Organization Size

Unknown

HQ Location

Boston, Massachusetts

Industry

Technology

Security Stack used by LastPass at time of breach (best approximation) Why?

Network Security

VPN/SASE

IDS/IPS

Endpoint Security

EDR

MDM

Identity Management

SSO / MFA

IGA

Application Security

WAF

SCA

Cloud Security

CASB

CWPP

SIEM / Threat Intel

SIEM

TIP

Not right? Contribute more accurate data

What is LastPass?

LastPass is a password management service that securely stores and encrypts passwords and other sensitive information in a centralized vault. It offers features like auto-filling login credentials, generating strong passwords, and securely sharing passwords with others. LastPass also supports multi-...
Show more

Learn more about recent incidents

9 / 10

Okta Oct, 2023

No known CVEs used

Subscribe for weekly updates

Security Incident Summary

Severity Score

Insignificant

Organization

Threat Actor

Actor Type

Type of Breach

Organization Details

Organization Size

HQ Location

Industry