Odaily Planet Daily News LastPass said that an unknown hacker used the information obtained in the incident they disclosed in August 2022 to access a cloud-based storage environment. Some message source code and technical information were stolen and used to attack another employee to obtain certain storage credentials and keys used to access and decrypt cloud-based storage services. LastPass has determined that once the hacker obtains the cloud storage access key and the dual storage container decryption key, it will copy the information from the backup, which contains customer account information and related metadata, such as company name, end user name, billing address, email address, phone number and IP address used by customers to access the LastPass service. In addition, the hacker can also copy the backup of the customer's vault data from the encrypted storage container. Hackers may try to use brute force to guess the user's master password and decrypt the copy of the vault data they obtained, and may also conduct phishing attacks against online accounts associated with the LastPass vault.