Array
Password management service LastPass on Thursday disclosed more details about November’s breach, confirming that basic customer info was exposed but not critical data like passwords or credit card details.
The breach at the end of November resulted from an older one in August, when bad actors broke into one of LastPass’ back-end code bases. They stole company data that was then used recently to break into another LastPass database to capture unencrypted customer data like names, email and billing addresses, phone numbers, and IP addresses.