Tuesday, 23 June 2026
Rīga TV

World and Latvian news in one place

TechnologyPublished: 23 June 2026 at 18:20

LastPass warns customers of data theft via Klue breach, says password vaults unaffected

Password manager LastPass notified customers that hackers stole their personal information and support case records through a breach at partner company Klue, but the company's own systems and password vaults remain secure.

Foto: TechCrunch

Password manager maker LastPass is notifying customers that their personal information and customer support case records were stolen during a recent hack at one of its technology partners, marking the company's latest data breach in recent years.

According to an email shared with TechCrunch from an affected customer, the breach occurred at market research firm Klue, not LastPass's own systems. However, hackers abused their access to obtain extensive data about LastPass customers. LastPass is the latest in a growing list of cybersecurity companies that have reported data thefts as a result of the Klue breach, which the company disclosed last week. Other affected companies include HackerOne, Recorded Future, and Tanium.

In a blog post about the incident, LastPass said the hackers obtained customers' names, phone numbers, email addresses, physical addresses, as well as customer support case data and sales-related data. LastPass emphasized that its own infrastructure was unaffected, including customers' password vaults.

The contents of the customer support tickets are not yet known, but they likely contain fragments of sensitive information. Past incidents involving support tickets have included credentials and government-issued IDs.

LastPass spokespeople did not immediately respond to TechCrunch's request for comment, including how many customers are affected. According to LastPass's website, as of 2024 the company had more than 33 million users and approximately 1.6 million paying customers.

LastPass previously experienced a data breach in 2022, when hackers stole the company's entire store of customer password vaults. Although the vaults were encrypted with master passwords, attackers were able to brute-force weak passwords offline, leading to several crypto thefts linked to that breach.

Klue CEO Jason Smith said in a blog post that the company identified hackers in its systems on June 12. A hacking and extortion group called Icarus claimed credit for the breach and has threatened to release the stolen data if a ransom is not paid. Smith has not responded to TechCrunch's emails about the incident.

Comments

0/1500

Comments are automatically moderated. No hate, threats, personal data or spam.

Loading comments…

More in this category

Technology

Anthropic Introduces Claude Tag – An Always-On AI Teammate in Slack

Anthropic launches Claude Tag in research preview, an AI that lives in Slack, learns from channels, performs tasks, and proactively keeps teams updated with persistent context.

TechCrunch AI · 2 min ago

Technology

Anthropic Launches Claude Tag, an 'Always-On' AI Colleague for Slack

Anthropic introduces Claude Tag in research preview, a persistent AI teammate that lives in Slack, learning from channels and proactively assisting with tasks.

TechCrunch · 2 min ago

Technology

Formula E's new season brings sprint races, new tracks, and faster Gen4 cars

The upcoming Formula E season, starting in December, introduces a 30-minute sprint race format called 'E-Prix Unleashed' and three new venues, including Circuit of the Americas in Austin.

The Verge · 2 min ago