They aren’t the only ones. I had linked to these a while back. Perhaps you want to check them out.
- https://www.pcmag.com/news/zero-trust-you-can-steal-passwords-from-keepass-with-this-free-app
- https://www.pcmag.com/opinions/lastpass-is-losing-our-trust
- https://www.pcmag.com/news/hackers-target-norton-password-manager-access-8000-user-accounts
Might also want to check out https://arstechnica.com/information-technology/2023/02/lastpass-hackers-infected-employees-home-computer-and-stole-corporate-vault/
The hacked DevOps engineer was one of only four LastPass employees with access to the corporate vault. Once in possession of the decrypted vault, the threat actor exported the entries, including the “decryption keys needed to access the AWS S3 LastPass production backups, other cloud-based storage resources, and some related critical database backups.”
Also rephrased at https://www.kiplinger.com/personal-finance/lastpass-hack#:~:text=Risks%20for%20LastPass%20users,of%20your%20entire%20password%20vault.
Update: LastPass’ data breach woes continue…In a March 1 update, LastPass announced that the hacker behind the previous breach (August 2022) has hacked a senior engineer’s home computer and obtained access to a critical corporate vault available to only four top employees.
The vault gave the hacker access to a cloud-storage environment that contained encryption keys for 30 million customer vault backups stored on Amazon web servers, as well as “decryption keys needed to access the AWS S3 LastPass production backups, other cloud-based storage resources, and some related critical database backups.”
So, to recap, one hacker or hacker group now has encrypted copies of every LastPass customer’s password vault, along with the most sensitive internal company secrets and digital access credentials.