Password app company LastPass has reported a second data breach that may be related to a previous breach in August where source code and some proprietary LastPass technical information were taken.
The company has reported that in this most recent attack, a threat actor using information from August’s attack accessed “certain elements of our customers’ information.” LastPass says, however, that customers’ passwords remain safely encrypted, its services remain fully functional, and it is currently working to discover the scope of the attack and what information has been accessed.
The advice from LastPass is to follow its best practices around setup and configuration of LastPass as detailed here: https://blog.lastpass.com/2022/01/how-to-set-up-your-new-lastpass-account/