60-page Enterprise Passkey Whitepaper:
Learn how leaders get +80% passkey adoption. Trusted by Rakuten, Klarna & Oracle
Get free Whitepaper
The LastPass data breach of 2022-2023 serves as a reminder of how
sophisticated cyber attacks can cascade into long-term security disasters. This
comprehensive analysis breaks down the incident, its impact, and crucial lessons for
organizations looking to strengthen their security posture.
The Impact: By the Numbers#
The breach's consequences have been severe and long-lasting:
- 33 million users affected
- $4.4 million stolen from 25+ victims
- $5 million reportedly stolen in a single week
- $15 million stolen in cryptocurrency
Key Takeaways#
- A single compromised developer account led to a breach affecting 33 million LastPass
users
- Attackers gained access to encrypted password vaults and customer information
- Over $15 million has been stolen in cryptocurrency heists linked to this breach
- The incident highlighted critical vulnerabilities in remote
work security and incident response
Initial Compromise - August 2022#
The breach began when attackers gained unauthorized access to LastPass's development
environment through a single compromised developer account. At this stage, the attackers
obtained:
- Portions of LastPass source code
- Proprietary technical information
- Access to development environment resources
Why are Passkeys important?
Passwords & phishing put enterprises at risk. Passkeys offer the only MFA solution balancing security and UX. Our whitepaper covers implementation and business impact.
Escalation - November/December 2022#
What initially seemed contained quickly escalated when attackers leveraged the stolen
information to:
- Access LastPass's third-party cloud storage service
- Obtain backup copies of customer vault data
- Compromise unencrypted customer account information
Subscribe to our Passkeys Substack for the latest news.
Subscribe
Critical Development - March 2023#
In a revealing update, LastPass disclosed that attackers had:
- Compromised a senior DevOps engineer's home computer
- Exploited a vulnerability in third-party media software
- Deployed keylogger malware to capture master passwords
- Gained access to critical decryption keys
What Data Was Compromised?#
- Company names
- End-user names
- Billing addresses
- Email addresses
- Telephone numbers
- IP addresses
Technical Data#
- Customer vault backups
- DevOps secrets
- Cloud-based backup storage
- MFA/Federation Database backups

Igor Gjorgjioski
Head of Digital Channels & Platform Enablement, VicRoads
Corbado proved to be a trusted partner. Their hands-on, 24/7 support and on-site assistance enabled a seamless integration into VicRoads' complex systems, offering passkeys to 5 million users.
Passkeys that millions adopt, fast. Start with Corbado's Adoption Platform.
Start Free Trial
Essential Security Lessons for Organizations#
1. Implement Robust Network Segmentation#
- Separate critical systems and data
- Create security zones with different access levels
- Implement strict access controls between segments
- Monitor traffic between network segments
2. Strengthen Remote Work Security#
- Establish clear policies for work-from-home devices
- Restrict personal software installation on work devices
- Implement robust endpoint protection
- Regular security audits of remote work setup
3. Improve Incident Response and Communication#
- Develop clear incident response procedures
- Maintain transparent communication with stakeholders
- Document and update security incidents promptly
- Provide regular updates during ongoing incidents
4. Enhanced Password and Access Management#
- Implement multi-factor authentication across
all systems
- Require strong, unique passwords for each account
- Regular password rotation and security audits
- Use password managers with robust security features
Preventive Measures for Organizations#
1. Technical Controls#
- Implement zero-trust architecture
- Deploy advanced endpoint protection
- Regular security assessments and penetration testing
- Continuous monitoring and logging
2. Administrative Controls#
- Regular security training for employees
- Clear security policies and procedures
- Vendor risk management
- Incident response planning
Conclusion#
The LastPass data breach serves as a crucial lesson in the
importance of comprehensive security measures and proper incident response. Organizations
must take a proactive approach to security, implementing multiple layers of protection
while preparing for potential breaches. By learning from this incident, companies can
better protect their assets and maintain trust with their customers.

Learn more about our enterprise-grade passkey solution.
Learn more