LastPass new breach, this time on user data

In August, password management company LastPass confirmed that there was a breach in a dev environment. This resulted in some snippets of the company's code and proprietary technical documentation being stolen, while customer data remained secure.

Password

However, the company suffered yet another breach, and this time hackers gained access to customer data.

In an update in his initial notification of the security incidents, LastPass CEO Karim Toubba revealed that the company detected unusual activity at a third-party cloud storage service provider used by both LastPass and its subsidiary GoTo.

So the company launched an investigation into the whole matter, while also working with cybersecurity firm Mandiant and alerting law enforcement. So far, it has determined that a hacker used information from the August breach to gain access to "certain elements" of customer data in the shared cloud. However, customer passwords remain encrypted and secure.

It should be noted here that this is an ongoing investigation and no one knows what really happened. For now LastPass customers have been advised to follow the practices listed here.

If you are thinking of changing your password manager, use the open source one Keepass, which stores your information, encrypted, locally and not in the cloud.

iGuRu.gr The Best Technology Site in Greecegns

every publication, directly to your inbox

Join the 2.107 registrants.
LastPass, password manager

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).