LastPass says unknown attackers breached its cloud storage using information stolen during a previous security incident from August 2022.
The company added that, once in, the threat actors also managed to access customer data stored in the compromised storage service.
“We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo,” the company said.
“We are working diligently to understand the scope of the incident and identify what specific information has been accessed,” Lastpass added.
In emails sent to customers at the time, Lastpass confirmed the attackers had stolen source code and proprietary technical information from its systems.
LastPass is behind one of the most popular password management software, claiming that it’s being used by more than 33 million people and 100,000 businesses.
