LastPass USA LLP must face a proposed class action alleging it failed to protect the personal information of millions of people that was exposed in an August 2022 data breach, although some claims were trimmed.
The company, a provider of password and identity-management services, failed to implement adequate data-security practices and left its system vulnerable to brute-force attacks capable of overcoming the level of encryption it provided and exposing the sensitive data in user “vaults,” the plaintiffs alleged in the consolidated lawsuit.
LastPass is used by more than 33 million users and 100,000 businesses around the world, the complaint said. ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.