This new update in LastPass’ research provides a better picture of how the two security breaches it experienced last year were linked. LastPass disclosed in August 2022 that a “unauthorised person” obtained access to their system. While the initial incident concluded on August 12th, the company stated in its new announcement that the threat actors were “actively engaged in a new series of reconnaissance, enumeration, and exfiltration activities aligned to the cloud storage environment spanning from August 12th, 2022 to October 26th, 2022.”
