LastPass suffers another data breach, but this time your password vault is safe
LastPass has confirmed that customer names, contact details, and support case records were exposed in a breach at Klue, though the company says password vaults remain secure.
Kass
The company says hackers accessed customer names, contact details, and support records through a third-party vendor, not LastPass' own systems.
Digital Trends
If you’ve ever submitted a support ticket to LastPass, that exchange may now be in the hands of hackers. According to TechCrunch, the password manager has confirmed that customer names, contact details, and support case records were exposed in a recent breach at one of its third-party vendors.
What the hackers got, and what they didn’t
LastPass said its own systems were not compromised and that users’ password vaults remain secure. The exposed data was instead accessed through Klue, a market research company LastPass works with.
LastPass
While no passwords were stolen, the hackers used their access to Klue’s network to pull customer records, including phone numbers, email addresses, physical addresses, and contents of support tickets.
In a blog post about the incident, the company stressed that the breach did not affect encrypted password vaults, master passwords, or any credentials stored within LastPass itself. Even so, the exposed information could still prove useful to attackers, who could leverage it for phishing or social engineering campaigns.
A years-old credential opened the door
The LastPass exposure stems from a wider security breach at Klue, which revealed that attackers gained access using a credential linked to a pilot project dating back to 2022. TechCrunch reports that the credential remained active and provided a way into the company’s systems.
Klue said the attackers were able to access customer data connected to its services, affecting multiple organizations that relied on the platform. Along with LastPass, Gong, Jamf, HackerOne, Insurity, OneTrust, Recorded Future, Snyk, Huntress, Sprout Social, and Tanium were affected.
For LastPass, this marks the second time its users have had data caught up in a breach. A 2022 breach exposed encrypted password vaults that were later linked to cryptocurrency theft. This latest exposure did not involve vault data or passwords, but it highlights how a security lapse at a third-party vendor can still affect customers who never interacted with the vendor directly.
Pranob is a seasoned tech journalist with over eight years of experience covering consumer technology. His work has been…
The maker of ChatGPT wants to make open-source projects less of a security bargain
OpenAI launches Patch the Planet for open-source security, with over 30 open-source projects on board.
OpenAI has launched Patch the Planet, a new initiative aimed at fixing one of the internet's quietest problems – the chronically underfunded security of open-source software.
Patch the Planet pairs OpenAI's most security-capable AI models with Trail of Bits, a security firm that has committed its entire research organization to the effort, alongside support from HackerOne and Calif.
I sifted through the Prime Day chaos to find the best Apple deals actually worth buying
Apple's about to hike prices. Prime Day 2026 is your last chance to save up to $150 on MacBooks, AirPods, and iPads.
Apple is set to increase the prices for its upcoming iPhones and MacBooks, as the company can no longer offset the rising RAM and storage costs. That means, if you are looking to upgrade your aging device, you should buy the current-generation Apple products rather than wait for the new ones.
And since Amazon Prime Day is offering good discounts on the latest iPhones, iPads, MacBooks, and other Apple accessories, this is the perfect time to buy them. Here are my favorite Amazon Prime Day deals for Apple products.
This sneaky photo trick gets AI chatbots to ignore their safety rules
Florida International University researchers built a method that nearly doubled the rate of harmful responses from a tested AI model using nothing but pixel-level edits in an image.
A photo that looks completely ordinary to you could carry a hidden instruction to trick an AI chatbot into ignoring its safety rules, according to new research out of Florida International University. The study found that pixel-level alterations in an image that are invisible to the human eye can be enough to confuse the model reading the image and lead it to generate responses it would normally block.
Hacking what the AI sees
