Popular password manager LastPass has revealed that portions of its source code were stolen by hackers in a recent data breach.
LastPass revealed the news in a blog post, emphasizing that no customer data was stolen and no password vaults were compromised. Instead, the hackers seem to have largely focused on gaining access to the company’s source code.
We have determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information. Our products and services are operating normally.
The company emphasizes that customers do not need to take any additional action at this time.
At this time, we don’t recommend any action on behalf of our users or administrators. As always, we recommend that you follow our best practices around setup and configuration of LastPass which can be found here.