Password manager maker LastPass says hackers stole customer support case data during Klue breach


Password manager maker LastPass is notifying customers that their personal information and customer support case records were stolen during a recent hack at one of its technology partners, marking the company’s latest data breach in recent years.

In an email shared with TechCrunch by an affected customer, LastPass said the breach occurred at market research firm Klue, not in its own systems. However, the hackers abused their access at Klue to obtain reams of data about LastPass customers.

LastPass is the latest in a growing list of cybersecurity companies that have reported data thefts as a result of the breach at Klue, which Klue disclosed last week. Other affected companies include HackerOne, Recorded Future, and Tanium.

In a blog post that shared information about the incident, LastPass said the hackers took customers’ names, phone numbers, email addresses, and physical addresses, as well as customer support case data and sales-related data. LastPass said the company’s own infrastructure was unaffected, including customers’ password vaults.

It’s not yet known what the customer support tickets contained, although they likely include fragments of potentially private or sensitive information. Customers typically contact customer service when they have a billing issue or need help regaining access to their accounts. Past incidents involving customer support tickets have exposed credentials and government-issued identity documents.

Spokespeople for LastPass did not immediately respond to TechCrunch’s request for comment or to questions about the incident, including how many customers are affected. LastPass has more than 33 million users and around 1.6 million paying customers as of 2024, according to its website.

LastPass previously experienced a data breach in 2022, in which hackers stole the company’s entire store of customer password vaults, which customers use to hold sensitive credentials such as passwords, tokens, and other personal data and credit card numbers. While the vaults were encrypted with master passwords known only to the customer, the theft allowed hackers to brute-force the vaults offline, cracking those protected by the weakest master passwords and accessing the secrets inside. Several crypto thefts were later linked to the LastPass breach, after hackers were suspected of stealing victims’ wallet keys by cracking their password vaults.

Klue CEO Jason Smith said in a blog post that the company identified hackers in its systems on June 12. A hacking and extortion group called Icarus took credit for the breach, and has publicly threatened to release the stolen data if a ransom isn’t paid. Smith has not responded to TechCrunch’s emails about the incident, including how many customers are affected or whether the company has been in contact with the hackers.