By Abdul Wasay | 1 hour ago | 2 min read
LastPass

The UK's privacy regulator, the Information Commissioner's Office (ICO), has fined password manager provider LastPass £1.2 million over a 2022 data breach that exposed the personal information of around 1.6 million UK users. The ICO issued the penalty in December 2025, closing a lengthy investigation that identified serious failures in the company's security practices.

The regulator found that the breach began when an attacker compromised an employee's corporate laptop and stole internal credentials and source code. The intrusion later escalated when the attacker compromised a senior engineer's personal device, which provided a path into cloud storage backups containing customer data. As a result, the attacker obtained user information including names, email addresses, phone numbers, and the website URLs linked to entries in users' vaults.

Although LastPass operates a zero-knowledge encryption model, in which vault contents are encrypted on the user's device with a key derived from a master password that LastPass never holds, the regulator said other data elements lacked adequate protection. The ICO emphasized that while there is no evidence the attacker decrypted password vaults, the exposure of unencrypted metadata and account details significantly increased the risk of phishing, credential stuffing, and targeted attacks against the affected users.

The UK Information Commissioner said LastPass failed to implement sufficiently strong technical and organizational safeguards, particularly given the sensitive nature of its service. The regulator stressed that password managers hold some of users' most critical digital credentials and must meet exceptionally high standards for infrastructure security, access controls, and employee device management, including the personal devices that staff use to reach production systems.

The breach has produced consequences beyond the financial penalty. Security researchers later linked stolen LastPass data to real-world losses, including cryptocurrency thefts reported in subsequent years. These incidents reinforced the point that even when the encryption of vault contents holds, weaknesses elsewhere in the system, such as unencrypted metadata and an endpoint with access to backups, can still cause serious harm.

LastPass said it cooperated fully with the investigation and has since strengthened security controls, improved monitoring, and tightened access policies. The company said it remains committed to protecting users and improving its security posture.

For those unfamiliar, LastPass is a popular password manager that stores login credentials, payment card details, and notes in an encrypted vault unlocked by a single master password. It fills those credentials into websites and apps across all of a user's devices, which is why the integrity of its infrastructure and backups matters so much.