{"id":3490164,"date":"2026-06-23T15:12:37","date_gmt":"2026-06-23T15:12:37","guid":{"rendered":"https:\/\/techingeek.com\/index.php\/2026\/06\/23\/password-manager-creator-lastpass-reports-that-cybercriminals-accessed-customer-support-case-information-amid-the-klue-security-incident\/"},"modified":"2026-06-23T15:12:37","modified_gmt":"2026-06-23T15:12:37","slug":"password-manager-creator-lastpass-reports-that-cybercriminals-accessed-customer-support-case-information-amid-the-klue-security-incident","status":"publish","type":"post","link":"https:\/\/techingeek.com\/index.php\/2026\/06\/23\/password-manager-creator-lastpass-reports-that-cybercriminals-accessed-customer-support-case-information-amid-the-klue-security-incident\/","title":{"rendered":"Password manager creator LastPass reports that cybercriminals accessed customer support case information amid the Klue security incident."},"content":{"rendered":"
<\/div>\n
\n

LastPass, the password management provider, is alerting its clients that their personal data and customer support case files were compromised in a recent security breach involving one of its technology partners, representing the company’s most recent data leak in years.<\/p>\n

An email forwarded to TechCrunch from an impacted user indicated that LastPass stated the breach was linked to market research company Klue, rather than its own systems. Nonetheless, hackers leveraged their access to extract vast amounts of data regarding LastPass users.<\/p>\n

LastPass is among a growing cadre of cybersecurity firms that have reported data violations due to the breach at Klue, which the firm revealed last week. Other affected companies include HackerOne, Recorded Future, and Tanium.<\/p>\n

In a blog entry detailing the incident, LastPass disclosed that the attackers acquired users’ names, phone numbers, email addresses, physical addresses, along with customer support case information and sales-related data.<\/p>\n

LastPass confirmed that its own systems, including users’ password vaults, remained secure.<\/p>\n

It is not yet clarified what information was included in the customer support tickets, although they probably contain bits of potentially confidential or sensitive information. Clients usually reach out to customer service regarding billing problems or to gain access to their accounts. Previous cases involving customer support tickets have involved credentials and government-issued identification documents.<\/p>\n

Representatives from LastPass did not promptly reply to TechCrunch\u2019s inquiries for comments or questions regarding the incident, including the number of customers impacted.<\/p>\n

According to its website, LastPass has over 33 million users and approximately 1.6 million paying clients as of 2024.<\/p>\n

In 2022, LastPass faced a data breach, in which hackers compromised the entire collection of customer password vaults, utilized for storing sensitive credentials, including passwords, tokens, and various personal and card numbers.<\/p>\n

Although the vaults were secured with master passwords known solely to the customer, the breach enabled hackers to brute-force and crack the vaults offline using the weakest master passwords and subsequently access the information within. Several cryptocurrency thefts were later connected to the LastPass breach, as thieves were suspected of pilfering the victims\u2019 wallet keys by cracking their password vaults.<\/p>\n

Klue CEO Jason Smith stated in a blog post that the company detected hackers within its systems on June 12. A hacking and extortion organization named Icarus claimed responsibility for the breach and publicly threatened to disclose the stolen data if a ransom isn’t fulfilled.<\/p>\n

Smith has not responded to TechCrunch\u2019s emails regarding the incident, including inquiries about how many customers are affected and whether the company has communicated with the hackers.<\/p>\n<\/div>\n

By clicking on links in our articles, we may earn a minor commission. This does not influence our editorial freedom.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/div>\n
\n

LastPass, the password management provider, is alerting its clients that their personal data and customer support case files were compromised in a recent security breach involving one of its technology partners, representing the company’s most recent data leak in years.<\/p>\n

An email forwarded to TechCrunch from an impacted user indicated that LastPass stated the breach was linked to market research company Klue, rather than its own systems. Nonetheless, hackers leveraged their access to extract vast amounts of data regarding LastPass users.<\/p>\n

LastPass is among a growing cadre of cybersecurity firms that have reported data violations due to the breach at Klue, which the firm revealed last week. Other affected companies include HackerOne, Recorded Future, and Tanium.<\/p>\n

In a blog entry detailing the incident, LastPass disclosed that the attackers acquired users’ names, phone numbers, email addresses, physical addresses, along with customer support case information and sales-related data.<\/p>\n

LastPass confirmed that its own systems, including users’ password vaults, remained secure.<\/p>\n

It is not yet clarified what information was included in the customer support tickets, although they probably contain bits of potentially confidential or sensitive information. Clients usually reach out to customer service regarding billing problems or to gain access to their accounts. Previous cases involving customer support tickets have involved credentials and government-issued identification documents.<\/p>\n

Representatives from LastPass did not promptly reply to TechCrunch\u2019s inquiries for comments or questions regarding the incident, including the number of customers impacted.<\/p>\n

According to its website, LastPass has over 33 million users and approximately 1.6 million paying clients as of 2024.<\/p>\n

In 2022, LastPass faced a data breach, in which hackers compromised the entire collection of customer password vaults, utilized for storing sensitive credentials, including passwords, tokens, and various personal and card numbers.<\/p>\n

Although the vaults were secured with master passwords known solely to the customer, the breach enabled hackers to brute-force and crack the vaults offline using the weakest master passwords and subsequently access the information within. Several cryptocurrency thefts were later connected to the LastPass breach, as thieves were suspected of pilfering the victims\u2019 wallet keys by cracking their password vaults.<\/p>\n

Klue CEO Jason Smith stated in a blog post that the company detected hackers within its systems on June 12. A hacking and extortion organization named Icarus claimed responsibility for the breach and publicly threatened to disclose the stolen data if a ransom isn’t fulfilled.<\/p>\n

Smith has not responded to TechCrunch\u2019s emails regarding the incident, including inquiries about how many customers are affected and whether the company has communicated with the hackers.<\/p>\n<\/div>\n

By clicking on links in our articles, we may earn a minor commission. This does not influence our editorial freedom.<\/em><\/p>\n","protected":false},"author":2,"featured_media":3490165,"comment_status":"open","ping_status":"closed","sticky":false,"template":"Default","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3490164","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/posts\/3490164"}],"collection":[{"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/comments?post=3490164"}],"version-history":[{"count":0,"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/posts\/3490164\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/media\/3490165"}],"wp:attachment":[{"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/media?parent=3490164"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/categories?post=3490164"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/tags?post=3490164"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}