LastPass, a prominent password manager, has disclosed that hackers stole customer support case data during a breach of Klue, one of its tech partners. This incident marks the second data breach to impact LastPass customers in recent years, highlighting the company's ongoing struggles with securing sensitive user information. The breach is particularly concerning given the nature of LastPass's business, which involves storing and managing highly sensitive password data for its customers. Although the company has not disclosed the exact nature of the stolen data, it is likely that the breach may have exposed sensitive customer information, including technical support interactions and potentially other personal data1. This latest breach underscores the importance of robust security measures and vendor risk management for companies handling sensitive user data, and practitioners should be vigilant in monitoring the situation to ensure their own security protocols are adequate.