LastPass data breach class action overview: 

• Who: A LastPass customer sued the password management company.
• Why: The plaintiff says the company neglected data security, leading to a data breach. 
• Where: The LastPass data breach class action was filed in a Massachusetts federal court.

A consumer hit password management company LastPass with a class action lawsuit after an August 2022 data breach that allegedly resulted in sensitive customer information being stolen. 

A plaintiff going by the name John Doe filed the class action lawsuit against LastPass US LP on Jan. 3 in a Massachusetts federal court, alleging negligence.

According to the lawsuit, LastPass failed to exercise reasonable care in securing and safeguarding highly sensitive consumer data, which led to a “massive, months-long data breach” beginning August 2022.

The data breach impacted the highly sensitive data of potentially millions of LastPass users, the LastPass class action says. 

It also resulted in the unauthorized public release and subsequent misuse of LastPass customer names, end-user names, billing addresses, email addresses, telephone numbers, IP addresses and customer vault data, the lawsuit alleges. 

“With their private information now in the hands of cybercriminals looking to profit from the theft, Plaintiff’s and Class members’ private information is no longer secure and has already been fraudulently misused, causing…