LastPass has released an update on its investigation into two security breaches that occurred last year, and they seem to be more serious than originally anticipated. The malicious actors in those events apparently also penetrated a business DevOps engineer’s private computer via a third-party media software programme. They inserted a keylogger into the programme, which they then used to steal the engineer’s master password for an account that had access to the LastPass corporate vault. They gained access and exported the vault’s entries and shared files, which held decryption keys required to open cloud-based Amazon S3 buckets containing customer vault backups.
