LastPass experiences another data breach, but your password vault is secure this time.

LastPass experiences another data breach, but your password vault is secure this time.

      The company has reported that hackers gained access to customer names, contact information, and support records through a third-party vendor rather than through LastPass' own systems.

      If you've ever sent a support ticket to LastPass, that information may now be accessible to hackers. As reported by TechCrunch, LastPass has confirmed that a recent breach at one of its third-party vendors led to the exposure of customer names, contact information, and support case records.

      What the hackers accessed and what remained secure

      According to LastPass, its internal systems were not breached, and users’ password vaults continue to be secure. The compromised data was accessed through Klue, a market research firm that LastPass collaborates with.

      LastPass

      While no passwords were taken, hackers exploited their access to Klue’s network to obtain customer records such as phone numbers, email addresses, physical addresses, and support ticket details.

      In a blog post addressing the incident, the company emphasized that the breach did not impact encrypted password vaults, master passwords, or credentials stored within LastPass. Nonetheless, the released information could still be advantageous to perpetrators, who might use it for phishing or social engineering attacks.

      An outdated credential was the cause

      The exposure of LastPass data is tied to a broader security breach at Klue, where it was found that attackers accessed the systems using a credential from a pilot project established in 2022. TechCrunch indicates that this credential was still active and allowed entry into the company’s systems.

      Klue disclosed that the attackers could access customer data linked to its services, affecting various organizations that depended on the platform. In addition to LastPass, companies such as Gong, Jamf, HackerOne, Insurity, OneTrust, Recorded Future, Snyk, Huntress, Sprout Social, and Tanium were also impacted.

      For LastPass, this is the second instance wherein user data has been involved in a breach. A breach in 2022 compromised encrypted password vaults, later associated with cryptocurrency theft. Although this latest incident did not involve vault data or passwords, it demonstrates how a security failure at a third-party vendor can still have repercussions for customers who never directly interacted with that vendor.

LastPass experiences another data breach, but your password vault is secure this time. LastPass experiences another data breach, but your password vault is secure this time. LastPass experiences another data breach, but your password vault is secure this time. LastPass experiences another data breach, but your password vault is secure this time. LastPass experiences another data breach, but your password vault is secure this time. LastPass experiences another data breach, but your password vault is secure this time.

Other articles

Hadrian's $7.5 billion valuation: physical-AI wager, rejected. Hadrian's $7.5 billion valuation: physical-AI wager, rejected. Hadrian is said to be negotiating to secure $1 billion at a valuation of $7.5 billion, a figure it describes as "inaccurate." This occurs amidst the surge in physical AI and reindustrialization. LastPass experiences another data breach; however, your password vault remains secure this time. LastPass experiences another data breach; however, your password vault remains secure this time. LastPass has verified that customer names, contact information, and support case records were compromised in a breach at Klue, although the company asserts that password vaults are still secure. Apple suppliers rush to Hong Kong: $4 billion in just one week Apple suppliers rush to Hong Kong: $4 billion in just one week Apple suppliers Luxshare and Lingyi are competing to secure funding in Hong Kong, amassing billions to shift their focus from smartphone components to AI hardware and humanoid robots. The Google Home Speaker is quite remarkable, but that is until you examine the power cable. The Google Home Speaker is quite remarkable, but that is until you examine the power cable. A buyer managed to get the new Google Home Speaker ahead of its official release and shared their initial thoughts. The sound quality is impressive, the installation process is swift, but the non-removable power cable is a significant disappointment for its repair potential. Tecno's EllaClaw AI assistant aims to organize your phone and handle your tasks. Tecno's EllaClaw AI assistant aims to organize your phone and handle your tasks. Tecno's EllaClaw agent goes beyond typical chatbot responses and begins performing actual tasks, such as clearing RAM, conserving battery, requesting rides, and facilitating shopping within your applications, all while ensuring you remain in control. Cerebras shares decline as a shortage of buildings impacts the company. Cerebras shares decline as a shortage of buildings impacts the company. Cerebras saw its revenue nearly double and exceeded sales projections for 2026, yet its stock dropped by 10% due to margin pressures from a shortage in the data-center sector.

LastPass experiences another data breach, but your password vault is secure this time.

LastPass has stated that customer names, contact information, and support case records were compromised in a breach at Klue, although the company assures that password vaults are still secure.