LastPass Password Manager Compromised in Hack

Lastpass was hacked

One of the world’s leading password managers, LastPass, announced Thursday that cybercriminals broke into one of the company’s staff accounts two weeks ago — stealing portions of the company’s source code and other technical information.

LastPass has confirmed that there is no evidence of user personal information (PII) compromise at the moment, while the investigation is ongoing.

‘We Detected Some Unusual Activity’

LastPass, which caters to 33 million customers worldwide, said in its official blog post on Thursday, Aug. 25, that snippets of source code — vital instructions that software operates on — and some of LastPass’s proprietary technical information were stolen by an “unauthorized party.”

According to CEO Karim Toubba, unknown actors managed to break into one of LastPass’s software developer staff accounts, which helped them quietly steal the required data. As a result, some sources say users began panicking while employees rushed to contain the breach.

Investigation Is Ongoing

LastPass has not publicly commented on the incident except via official information in the blog post and social media. On the company’s official Twitter feed, some premium users were outraged saying that the company has been an “inconsistent, unreliable service,” for quite some time. Others said they did not notice anything suspicious.

LastPass said that the investigation is ongoing and that all cybersecurity and forensics measures have been applied. The company said it has “achieved a state of containment, implemented additional enhanced security measures,” and sees no further cause for concern for users.

Master passwords, vault data, and personal information have not been compromised, the company said. “At this time, we don’t recommend any action on behalf of our users or administrators.” In addition, LastPass recommends users follow security and configuration best practices.

Not the First Time

This is not the first time the widely used password manager has suffered a cybersecurity incident. Seven embedded trackers were discovered in the LastPass Android app in February last year. In December 2021, users noticed multiple unauthorized attempted logins with their LastPass master passwords — which unlocks the app itself and reveals stored passwords.

LastPass used to lead the pack in both our best free password managers and best password managers overall overviews. Unfortunately, the app’s ranking has been overtaken by other picks over time. You can check out the full reviews for some of our top password managers below:

Ensuring top-notch cyber hygiene is essential for the security of your devices and your private data. This means creating a secure password the right way for all accounts and devices. It is also vital to enable multi-factor authentication in sensitive applications such as password manager apps.

Source link

What do you think?

Written by shahparthsp11

Leave a Reply

Your email address will not be published.

GIPHY App Key not set. Please check settings

Thor 9

New on Disney+ Canada: September 2022

Polos 16x9

26 Best Polo Shirts for Men in 2022: Todd Snyder, Ralph Lauren, Lacoste, and More