LastPass Breached Again – The Second Time in 2022

On Wednesday, LastPass’s CEO Karim Toubba issued a security advisory revealing that they detected unusual activity on its cloud storage shared with GoTo and immediately started an investigation after hiring Mandiant and notifying relevant law enforcement authorities. He confirmed that the company’s products and services are fully operational, but customers should be cautious and follow LastPass’ setup and configuration-related best practices. This time, the company’s affiliate GoTo has become a victim of a breach in which unidentified attackers targeted their shared cloud-storage service.