Home » Technology » LastPass security compromised and user data exposed

LastPass security compromised and user data exposed

LastPass is one of the best known and even the most used password managers on the Internet. Even with some major changes made, it was still a safe proposition that many use on a daily basis.

The service is now under fire again, with another major security issue. This is the second time in a short time and once again the attackers gained access to user data.


Yet another LastPass security flaw

It was in August that LastPass had serious security problems. A simple attack allowed access to company servers, from which important company information is believed to have been stolen. It was clear at the time that there had been no theft of user data.

Now, months later, it's clear that much more went on in that attack. LastPass was attacked again, and this time user data is known to have been exposed. The company revealed that it has detected "unusual activity" on a third-party cloud storage service, but that the passwords there remain encrypted and secure.

The attackers are known to have used information obtained in August to gain access to "certain elements" of customer information. LastPass immediately launched an investigation, having hired security firm Mandiant, and the authorities were also alerted.

LastPass security data user passwords

User data exposed, no password

The company is working intensively to understand the scope of this incident and identify what specific information was accessed. You also warrant that while this review is in progress, LastPass products and services will continue to function without limitation.

However, LastPass advises its users to follow installation and configuration best practices. That includes various measuresincluding configuring two-factor authentication to access the services of this platform.

The case now revealed does not leave LastPass a positive image. It's more a case of security issues happening in a short period of time. While passwords are not revealed and no access is made, there is the potential for sensitive data to be accessed and exploited.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.