Password manager maker LastPass says hackers stole customer support case data during Klue breach

Password manager maker LastPass is notifying customers that their personal information and customer support case records were stolen during a recent hack at one of its technology partners, marking the company’s latest data breach in recent years. In an email shared with TechCrunch from an affected customer, LastPass said the breach occurred at market research firm Klue, and not its own systems. However, hackers abused their access to obtain reams of data about LastPass customers. LastPass is the latest in a growing list of cybersecurity companies that have reported data thefts as a result of the breach at Klue, which the company disclosed last week. Several other affected companies include HackerOne, Recorded Future, and Tanium . In a blog post that shared information about the incident, LastPass said the hackers took customers’ names, phone numbers, email addresses, physical addresses, as well as customer support case data and sales-related data. LastPass said the company’s own infrastructure was unaffected, including customers’ password vaults. It’s not yet known what was in the contents of customer support tickets, although they likely contain fragments of potentially private or sensitive information. Customers typically contact customer service when they are having a billing issue or need assistance in gaining access to their accounts. Past incidents involving customer support tickets have included credentials and government-issued identity documents . …