With cyber crime on the rise and opportunities to exploit weaknesses in security, it is unfortunately only a matter of time before any organisation experiences a data breach. The implications of this can be far-reaching, potentially damaging an organisation's reputation and resulting in lost customers and trust. This was recently exemplified by LastPass’s latest cyber security incident.
Password manager LastPass recently disclosed it was hit by its second cyber security incident this year, which may be related to the first breach that occurred earlier in August. After detecting unusual activity within a third-party cloud storage service, the company acted immediately by launching an investigation, engaging a leading security firm Mandiant, and informing law enforcement. They determined that a bad actor had managed to compromise its systems and gain access to some customer information. Fortunately, due to LastPass’s Zero Knowledge architecture, the attacker was unable to access any customer’s passwords.
In the initial security incident, source code and technical information were stolen from LastPass’s development environment. A forensic investigation revealed that the bad actor’s activity was actually limited to a four-day period since the LastPass security team were able to detect their presence and contain the incident. This was only made possible because of LastPass’s strategic system design and controls in which their development environment is physically separated from, and has no direct connectivity to, their production environment. Furthermore, the development environment does not contain any customer data or encrypted vaults so even if compromised, no sensitive customer data can be accessed within it. Not only that, but LastPass itself does not have access to the master passwords that allow only the owner of the vault to decrypt vault data in accordance with their Zero Knowledge security model.
This incident emphasises the importance of implementing enhanced security measures and monitoring capabilities to help detect and prevent cyber criminal activity. Without these, the impact of this breach could have been much worse for LastPass and it’s customers. Cyber criminals are always looking for weaknesses, so organisations need to stay one step ahead and make sure they have something stronger to fall back on if needed.
We have partnered with many industry-leading cyber security vendors to ensure that we can help organisations do exactly that. Contact our expert team today to find out how we can help you secure your digital world.
