In August, LastPass said that a threat actor “took portions of source code and some proprietary LastPass technical information.” Now the company revealed that they copied customer account information and related metadata including company names, end-user names, billing addresses, email addresses, telephone numbers, and the IP addresses from which customers were accessing the LastPass service.