Advertisement
Advertisement
Advertisement
28 June 2026ยท4 min readยทBy Konrad Weber

LastPass Users Had Their Data Stolen Again

LastPass confirmed a data breach involving customer contact details and support data following an attack on firm Klue.

LastPass Users Had Their Data Stolen Again

LastPass Users Had Their Data Stolen Again

LastPass users had their data stolen again. This latest breach follows a string of previous incidents that have plagued the firm over the years, and now customers are dealing with the fallout of an attack that exposed sensitive personal information to unauthorized parties. It's another security failure.

An External Failure

The attack started at Klue. It's an artificial intelligence business intelligence firm that maintains a relationship with the password manager, and attackers managed to compromise access tokens specifically belonging to Klue customers. So they siphoned data directly from integrated platforms like Salesforce.

An unlocked padlock rests on a computer keyboard.

It's a sharp reminder of how interconnected modern digital ecosystems have become. One weak link in a third-party service provider can ripple outward, affecting other platforms that rely on those tools, and this can expose far-reaching vulnerabilities across a network that shouldn't be so fragile. But the impact on its user base remains the same. Nothing changes for them.

Data Exposed in the Breach

What exactly was taken? The list of exposed information is a major concern for anyone worried about identity theft or targeted cyberattacks. According to the company, the following details were compromised:

  • Full names of users
  • Phone numbers
  • Email addresses
  • Physical addresses
  • Support case data
  • Sales related information

The company insists its core infrastructure stayed untouched. But it's clear that the availability of such specific contact data, a direct consequence of a security failure at their partner firm rather than a breach of their own internal systems, presents a clear danger for those affected. They're emphasizing that.

Defending Against Phishing

Sensitive contact information in the wrong hands? It's a disaster waiting to happen. The company is advising its user base to be extremely cautious regarding any unsolicited communication, because attackers often use leaked data to create convincing phishing campaigns by pretending to be legitimate support agents or company representatives. So don't let them trick you into handing over further credentials.

We recommend that customers stay alert for potential phishing attacks or social engineering attempts, which could use exposed contact details. Always exercise caution regarding unsolicited communications, including emails, phone calls, or requests for sensitive information.

This warning highlights the reality of post-breach life for digital consumers. Data's gone. It's difficult to pull back once it's out there, so users must now treat every unexpected call or email with high levels of skepticism to avoid secondary exploitation.

The Wider Security Context

LastPass users had their data stolen again. But they aren't the only ones facing challenges in the current threat environment, as the broader cybersecurity landscape overflows with reports of massive infrastructure take-downs and state-sponsored espionage. The frequency of security events continues to rise. From the dismantling of the Amadey and StealC infostealers to warnings about nation-state actors mapping out critical infrastructure in Australia, we've seen a constant stream of alerts that can't be ignored.

The recent operation against the Amadey and StealC networks recovered up to 27 million stolen access credentials. That's a staggering haul. But these large-scale actions highlight the massive amount of data being harvested by cybercriminal syndicates on a daily basis, and as these groups refine their methods, the burden of protection often falls back onto the individual, who must remain proactive in the face of repeated leaks and platform vulnerabilities. It's a relentless cycle.

Frequently Asked Questions

What was the direct source of the breach that affected LastPass users?

The attack started at Klue, an artificial intelligence business intelligence firm that has a relationship with the password manager. Attackers compromised access tokens belonging to Klue customers, siphoning data from integrated platforms like Salesforce.

What specific types of user data were exposed in this breach?

The exposed information includes full names, phone numbers, email addresses, physical addresses, support case data, and sales related information. The company insists its core infrastructure stayed untouched.

How does the article advise LastPass users to protect themselves after the breach?

The company advises users to be extremely cautious regarding any unsolicited communication, as attackers often use leaked data to create convincing phishing campaigns. Users should stay alert for potential phishing or social engineering attempts and treat unexpected calls or emails with high skepticism.

Why does the article describe the breach as an 'external failure'?

The breach occurred at the third-party partner Klue, not within LastPass's own internal systems. The article notes that one weak link in a third-party service provider can ripple outward, affecting other platforms and exposing far-reaching vulnerabilities across interconnected digital ecosystems.

What broader cybersecurity context does the article mention in relation to this breach?

The article notes that the broader cybersecurity landscape is filled with reports of massive infrastructure take-downs and state-sponsored espionage, with the frequency of security events rising. It mentions operations like the dismantling of Amadey and StealC infostealers recovering up to 27 million stolen credentials, highlighting the massive scale of data harvesting by cybercriminal syndicates.

Konrad Weber
Written by
Infosec and Threats Writer

Konrad Weber writes about the security landscape, from emerging threats to the tools that guard against them. He is focused on helping readers understand risk in a connected world.

๐Ÿ’ฌ Comments (0)

Sign in to leave a comment.

No comments yet. Be the first!

Advertisement