Theft of LastPass’s decrypted password vaults has been tracked to a DevOps engineer. Attackers reportedly targeted a vulnerability in a media software package on the employee's home computer.
Popular password manager LastPass has confirmed that a previously reported November security incident was a data breach that resulted in the theft of customer data, including encrypted password vaults.
