"LastPass Breach: Hacker Accessed Corporate Vault by Compromising Senior Developer's Home PC"
LastPass has disclosed additional details on the security incident relating to the compromise of its development environment in August 2022 and subsequent unauthorized access to the company's third-party cloud storage provider that held backups. The threat actor launched a coordinated second attack using information stolen during the first incident, information obtained from a third-party data breach, and a vulnerability in a third-party media software package. The list of data and secrets that have been stolen or compromised as a result of both attacks is long. The threat actor compromised a senior DevOps engineer's credentials by targeting the engineer's computer and using a vulnerable third-party media software package to remotely execute code. The actor implanted a keylogger that recorded the master password of the employee. Then, they gained access to the engineer's corporate LastPass vault. This article continues to discuss new information regarding the LastPass breach.