
LastPass confirms breach in Klue supply chain attack

Summary

– LastPass disclosed that hackers accessed customer data from its Salesforce environment after stealing the company’s OAuth tokens during the Klue supply chain attack earlier this month.
– The attack involved the theft of OAuth tokens, which allowed unauthorized access to LastPass’s Salesforce instance.
– Customer data was compromised as a result of the breach in the Salesforce environment.
– The incident is linked to the broader Klue supply chain attack, which targeted multiple organizations.
– LastPass is investigating the breach and notifying affected customers about the data exposure.

LastPass has confirmed that customer data was compromised after attackers stole the company’s OAuth tokens during the Klue supply chain attack earlier this month. The breach targeted the company’s Salesforce environment, granting unauthorized access to sensitive customer information.

The incident unfolded when hackers exploited vulnerabilities in Klue, a third-party platform used by LastPass, to capture authentication tokens. These tokens enabled the attackers to bypass security measures and infiltrate LastPass’s Salesforce instance, where customer data was stored. LastPass disclosed the breach in a recent security advisory, emphasizing that the attack did not compromise its core password vault or master passwords.

The company is now working with law enforcement and cybersecurity experts to investigate the scope of the intrusion. Affected customers have been notified, and LastPass has implemented additional security protocols to prevent future incidents. This breach underscores the growing risks associated with supply chain dependencies and the importance of OAuth token security in enterprise environments.

(Source: BleepingComputer)
