The U.K. Information Commissioner’s Office fined password manager LastPass 1.2 million GBP following a 2022 data breach impacting 1.6 million U.K. users. The ICO alleged LastPass failed to implement “robust technical and security measures,” which enabled a hacker to access a corporate laptop belonging to an EU-based employee. That access allowed the hacker to embed malware onto a U.S.-based employee’s computer to gain master password access.
Full story