Where the Comment is King

THE NEWS COMMENTER

VOTE  (0)  (0)

LastPass security breach did allow access to customer data after all, reveals company

Added 12-01-22 08:31:02am EST - “The LastPass security breach that occurred back in August did allow attackers to access customer data, says the company. It had previously said that no customer data was compromised. LastPass owner LogMeIn stresses that customer passwords…” - 9to5mac.com

CLICK TO SHARE

Posted By TheNewsCommenter: From 9to5mac.com: “LastPass security breach did allow access to customer data after all, reveals company”. Below is an excerpt from the article.

The LastPass security breach that occurred back in August did allow attackers to access customer data, says the company. It had previously said that no customer data was compromised.

LastPass owner LogMeIn stresses that customer passwords have not been compromised, as the company uses end-to-end encryption so that only the subscriber has the decryption key …

LastPass is a password manager competing with 1Password. With these, all your passwords are stored in encrypted form, and you can log in to any website by using only a single master password to unlock your vault. If your devices are safely in your possession and protected by their own security, you would typically leave your vault unlocked for the rest of each day, enabling seamless login to all your accounts.

The company confirmed a reported security breach back in August. An attacker gained access to the company’s development environment, and was able to access source code and other technical data. LogMeIn said at the time that there had been no access to either customer data, nor the production environment (which meant the attacker couldn’t push a compromised update to users). However, today’s report reveals that customer data was subsequently compromised.

(An earlier security alert turned out to have nothing to do with LastPass: It was an attacker using login credentials obtained elsewhere to attempt to access LastPass accounts. Since the whole point of using a password manager is to avoid using the same password on more than one service, this was unlikely to succeed.)

Read more...

Watch the video:

If you don't see any comments yet, congrats! You get first comment. Be nice and have fun.

Comment Box is loading comments...

CLICK TO SHARE

BACK TO THE HOME-PAGE