LastPass acknowledges breach of sensitive customer data

2022-12-23T15:08:52.337Z

It is recommended that Password Manager users change their security features on other sites Bad news for users of LastPass, one of the most popular password management tools. The company had initially assured that the various hacks of which it had been the victim had no impact on the accounts of its customers. But his speech has changed. In a blog post published on Thursday, LastPass announced that hackers have all users' secure password vaults potentially at their disposal. A first par

Bad news for users of LastPass, one of the most popular password management tools.

The company had initially assured that the various hacks of which it had been the victim had no impact on the accounts of its customers.

But his speech has changed.

In a blog post published on Thursday, LastPass announced that hackers have all users' secure password vaults potentially at their disposal.

A first partial hack

Last August, the company suffered a major security breach, reports Presse-Citron.

By using a compromised program creator account, an unauthorized individual was able to gain access to part of the platform's development environment.

The company wanted to be reassuring, explaining that only portions of code and technical information were concerned.

In November, another hack targeted LastPass.

The perpetrator of the cyberattack used information from the previous hack to achieve his ends.

This time, the company clarified that the hackers were able to access "certain customer data", without giving further details.

These have now arrived.

The hacker actually had access to a lot of information including “company names, end user names, billing addresses, email addresses, phone numbers and IP addresses from which customers were accessing the service” , revealed Karim Toubba, CEO of LastPass.

Particularly sensitive information

Worse still, the executive reported that the cybercriminal managed to duplicate a backup of the contents of “customer safes”.

This contains both encrypted and unencrypted data, “such as Internet addresses of websites, as well as much more sensitive fields […] such as passwords and site identifiers, secure notes and prefill data “.

However, this information is protected by the safe's master password, which only the user knows.

However, it is better to be careful.

Either way, LastPass users are well advised to change their master password, as well as any passwords used on other sites they visit.

high tech

LastPass: The password manager was allegedly the victim of a cyberattack

Economy

What is a password manager and how to choose it?

high tech
Cyberattack
Cybercriminality
Cybersecurity
Password

LastPass acknowledges breach of sensitive customer data

A first partial hack

Particularly sensitive information

You may like

Trends 24h

Latest