(Reuters) – Popular digital password manager LastPass said hackers recently stole parts of the company’s source code and other sensitive data.
The company’s chief executive said in a blog post that its users’ passwords were unaffected.
“Our investigation has not revealed any evidence of any unauthorized access to customer data in our production environment,” CEO Karim Toubba said in the post published Thursday.
LastPass, which counts more than 25 million users, works by collecting the hundreds of passwords that consumers and business users need to log into their social media accounts, business networks, online retailers and more.
Security professionals routinely recommend using a unique, complex password for every website a person visits, so password managers like LastPass are playing an increasingly important role in keeping people̵7;s data safe online.
Compromising such a company’s master password—the password that protects the rest of the user’s credentials—has always been a nightmare scenario.
That’s not what happened here, said Mr. Toubba
“This incident did not compromise your master password,” his post read. The company advised users that no action was needed.
Few other details about the breach were disclosed. The company said the hack occurred two weeks earlier and that a cybersecurity firm had been hired to investigate. The company did not immediately respond to a follow-up message.