LastPass, one of the largest password managers in the world, has been hacked: not even they are spared

  • 20

LastPass, one of the largest password managers in the world, has been hacked: not even they are spared

The CEO of LastPass has confirmed in a release sent to its users that the service has been hacked. According to his account, two weeks ago they detected strange activity in parts of the development environment.

The good part is that it says that, after conducting an investigation, found no evidence that the attackers have accessed user data or encrypted passwords. In a part dedicated to questions and answers, the company ensures that they do not store the Master Password, and therefore have not been affected by the breach.


Password manager companies suffer from the same problem as any user

Password

As much security as there is, there are numerous incidents like this from LastPass that have to do with social engineering and oversights. In this case, from LastPass they mention that the access occurred because a single developer account had been compromised, although they have not mentioned whether they detected phishing or other techniques in the attack to achieve it.

Although user data has not been affected according to the statement, the attackers have were made with parts of the source code and some technical information from LastPass, although they do not detail how it could affect the company’s activity either. As the investigation continues, they are carrying out further measures and have achieved a “state of containment”. At the moment they say they have not found any more signs of suspicious activity.

{“videoId”:”x7zrujg”,”autoplay”:false,”title”:”Backup 3 – 2 – 1, the definitive method to keep your data safe”,”tag”:”backups”}

As for users and administrators, LastPass recommends doing nothing beyond following the best practices since ever. But since no user information or passwords have been stolen, they indicate that no extra step is necessary.

I've been using a password manager for years and now I can't live without it (literally)

in Xataka

I’ve been using a password manager for years and now I can’t live without it (literally)

Furthermore, they reiterate that with their zero-knowledge model, only the client has data to decrypt data from the vault. In 2015, LastPass has already been hackedand that time they were able to get the hashes of authentication.


The news

LastPass, one of the largest password managers in the world, has been hacked: not even they are spared

was originally published in

Xataka

by Antonio Saban.

The CEO of LastPass has confirmed in a release sent to its users that the service has been hacked. According…

The CEO of LastPass has confirmed in a release sent to its users that the service has been hacked. According…

Leave a Reply

Your email address will not be published.