New: LastPass said an "unauthorized party" gained access to customers' information stored in its cloud storage shared with its parent company, GoTo (formerly LogMeIn).
More: https://techcrunch.com/2022/11/30/lastpass-goto-breached-customer-information/
LastPass' CEO Karim Toubba, who was appointed in April, says the unauthorized party used information stolen from LastPass systems in August to access the cloud storage containing customer information.
Seems plausible that maybe stolen internal creds or keys weren't invalidated after the August breach, which allowed a second compromise?
More: https://techcrunch.com/2022/11/30/lastpass-goto-breached-customer-information/