Apparently, the second LastPass hack attack was worse than they previously thought.
Hackers stole info during the first attack that allowed them to access a "senior DevOps" employee's homecomputer which enabled remote code execution capability and allowed them to plant keylogger malware.
The hacker was then able to capture the employee’s master password as it was entered on the home PC, and after the employee authenticated with MFA, it gave them access to the DevOps engineer’s LastPass corporate vault.
So the hacker activity went undetected because it appeared to be legitimate activity by that employee who had elevated access...
If you use LastPass, this may be the time to change all your passwords stored on LastPass and change your LastPass master password too...
RoHe
10 Elder
•
45.2K Posts
1
February 28th, 2023 16:00
Another update...
Apparently, the second LastPass hack attack was worse than they previously thought.
Hackers stole info during the first attack that allowed them to access a "senior DevOps" employee's home computer which enabled remote code execution capability and allowed them to plant keylogger malware.
The hacker was then able to capture the employee’s master password as it was entered on the home PC, and after the employee authenticated with MFA, it gave them access to the DevOps engineer’s LastPass corporate vault.
So the hacker activity went undetected because it appeared to be legitimate activity by that employee who had elevated access...
If you use LastPass, this may be the time to change all your passwords stored on LastPass and change your LastPass master password too...
Read more here...