As witnessed with this latest attack and others, there are also steep costs in terms of brand damage, customer reputation and abandonment, and potentially regulatory fines and penalties depending upon your industry. The impact of successful attacks vary widely from the theft of valuable intellectual property, to disrupting business operations, to vulnerabilities and backdoors embedded in the software you ship to your customers. SolarWinds, Codecov, Kaseya, and now LastPass are now some of the most notable cyber attacks of the last few years.
Software supply chain attacks are cyber attacks that compromise the development pipelines and systems used to build software. This is the latest headline-making software supply chain attack in a rapidly growing threat category. LastPass hired two forensics companies for the investigation, and we expect more information to be disclosed including if any sensitive information was compromised. A compromised developer account could have access to many privileged assets, and although it appears that Master Passwords are not compromised, the attacker could have access to a wide range of other sensitive information leading to further attacks. However, It is hard to know the full scope of this attack at this moment. This means that based on what we know right now, the attacker cannot access to this sensitive information. A user's content in LastPass is protected by one master password, and according to the company, Master Passwords weren’t compromised and are not stored by LastPass at all. This incident is worrisome, especially due to the highly sensitive information LastPass holds, which are user passwords for other websites and secure notes. Users of LastPass should (1) validate that their master password follows strong password best practices to reduce the risk of brute force and (2) be aware of phishing attempts. The bottom line, the encrypted data is still secured due to LastPass's zero-knowledge architecture. Encrypted passwords, usernames, secure notes and etc.LastPass disclosed that the threat actor was able to compromise an additional developer account and use its credentials to obtain access to the company's backup storage.Īccording to LastPass, the following data has been stolen by the attacker: An attacker gained access to developer account credentials and used them to infiltrate their software supply chain and exfiltrate portions of their proprietary source code. LastPass, one of the world's largest password managers with 25 million users, disclosed that an unauthorized party had gained access to portions of the LastPass developer environment.
0 kommentar(er)
