Password manager LassPass said it’s investigating a security incident after its systems were compromised for the second time this year.
LastPass chief executive Karim Toubba said in a blog post that an “unauthorized party” recently gained access to some customers’ information stored in a third-party cloud service shared by LastPass and its parent company, GoTo.
Toubba said the unauthorized party used information stolen from LastPass’ systems in August, which the company disclosed at the time.
The third-party cloud service wasn’t named, but a 2020 blog post by Amazon Web Services cited the company’s transition of a billion customer records to Amazon’s cloud.
Toubba did not say what specific customer information was taken, but said it was working to “understand the scope of the incident and identify what specific information has been accessed.”