“The second incident saw the threat actor quickly make use of information exfiltrated during the first incident, prior to the reset completed by our teams, to enumerate and ultimately exfiltrate data from the cloud storage resources,” the company explained. The second incident went initially unnoticed, LastPass says, the tactics, techniques, and procedures (TTPs) and the indicators of compromise (IOCs) of the second incident “were not consistent with those of the first.” It was only later determined that the two incidents were related. Getting into the LastPass corporate vault The results of both breaches are catastrophic and the list of data and secrets stolen/compromise as a result is extensive. LastPass is, once again, telling customers about a security incident related to the August 2022 breach of its development environment and subsequent unauthorized access to the company’s third-party cloud storage service that hosted backups: “The threat actor leveraged information stolen during the first incident, information available from a third-party data breach, and a vulnerability in a third-party media software package to launch a coordinated second attack.”
0 Comments
Leave a Reply. |