BleepingComputer reports that sources confirmed to the security blog that LastPass, a popular password management software, was hacked two weeks ago. The hackers were able to steal the company’s source code and proprietary information.
Sources told BleepingComputer that “employees were scrambling to contain the attack”, and the company declined to offer any responses to the blog’s questions.
LastPass released an official security advisory on August 25th confirming the breach. A developer’s account was compromised and was subsequently used to access the company’s developer environment.
According to the advisory, LastPass has hired a cybersecurity and forensics firm to investigate the breach. No further evidence of unauthorized activity was detected. They have not elaborated on what source code was stolen.
The full security advisory can be found on the LastPass company blog.
