An attacker who stole corporate and customer data from LastPass in 2022 gained initial access by compromising an engineer's personal computer.
GoTo says an attacker stole some encrypted customer backups as well as an encryption key for some of those databases.