UK’s ICO Fine LastPass £1.2 Million Over 2022 Security Breach

UK’s ICO fines LastPass £1.2M for the 2022 data breach that exposed 1.6 million users’ data. Learn how a flaw in an employee’s personal PC led to the massive security failure.

The UK’s data privacy regulator, the Information Commissioner’s Office (ICO), has penalised the password management giant LastPass UK Ltd with a £1.2 million fine over a major security breach in 2022 that affected the personal details and encrypted vaults of up to 1.6 million users in the UK alone.

The ICO has concluded that the company failed to put in place strong enough technical and security safeguards. ICO Head John Edwards noted that a company promising to help people improve their security “has failed them.”

The 2022 Breach: A Chain of Failures

As reported by Hackread.com in 2022, the whole incident involved a series of human and technical security failures ...