Password management software firm LastPass has shared more details regarding the August security incident, in which hackers stole some of its source code and proprietary technical information.
According to an update published last week, the investigation into the incident revealed that the intruders had had access to the company’s development environment for four days in August 2022. LastPass said it found no evidence that the attackers compromised customer data or encrypted password vaults.
“Our investigation determined that the threat actor gained access to the Development environment using a developer’s compromised endpoint. While the method used for the initial endpoint compromise is inconclusive, the threat actor utilized their persistent access to impersonate the developer once the developer had successfully authenticated using multi-factor authentication,” the company explained.
LastPass also said that there was no evidence of attempts of code-poisoning or malicious code injection. The company added that it doesn’t have any access to the customers vaults’ master passwords and without the master password, it is not possible for anyone other than the owner of a vault to decrypt vault data.