Another Cybersecurity Breach: LastPass Compromised Once More
Another Cybersecurity Breach: LastPass Compromised Once More
LastPass, the popular password management service, recently announced that it was hacked . Specifically, LastPass’s CEO Karim Toubba wrote that an “unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information.”
This isn’t the first time LastPass has had security problems. In 2021, it appeared that some users’ LastPass Master Passwords may have been revealed . LastPass replied that it hadn’t been breached, but users who had gotten emails warning them that an unknown person was trying to log into their accounts weren’t convinced. Nevertheless, LastPass insisted that it was just the result of a credential stuffing attack .
Also: Want to ditch LastPass? Here are the best alternatives to try
ZDNET Recommends
In 2020, LastPass had a major outage , and users reported they couldn’t log into their accounts or autofill passwords. In 2019, a significant LastPass security problem was uncovered by security researchers as well.
None of these problems alone are that bad. Yes, it’s awful that one developer’s account was hacked, but it happens.
That said, it’s still concerning that the biggest password security company – with a claimed 20 million customers – has significant, annual security problems.
True, as Toubba claimed, with this week’s hack, “We have seen no evidence that this incident involved any access to customer data or encrypted password vaults.” But with proprietary source code and technical secrets revealed, the possibility of an attack that could reveal users’ passwords is certainly there.
This is yet another example of how proprietary code is less secure than open-source code . With open-source password programs, such as Bitwarden, all the code is checked by independent experts. This ensures potential security weaknesses can be spotted before they become security holes.
In this case, however, LastPass has “engaged a leading cybersecurity and forensics firm” to investigate what happened. LastPass is also implementing enhanced security measures. They’ve seen “no further evidence of unauthorized activity.”
From where I sit, this is too little, too late. But it’s still something.
LastPass, with its zero-knowledge model, is still a good password security company. But if you want to look for another password manager , no one would blame you.
Related Stories:
- LastPass password manager fine-tunes its multi-factor authentication options
- Leaving LastPass? Here’s how to get your passwords out
Security
The best VPN services of 2024: Expert tested
How to turn on Private DNS Mode on Android (and why you should)
The best antivirus software and apps you can buy
The best VPN routers you can buy
How to find and remove spyware from your phone
- The best VPN services of 2024: Expert tested
- How to turn on Private DNS Mode on Android (and why you should)
- The best antivirus software and apps you can buy
- The best VPN routers you can buy
- How to find and remove spyware from your phone
Also read:
- [New] The Ultimate Guide to Inspiring YouTube Names
- [Updated] Essential Guide to Mastering ASMR Experience for 2024
- [Updated] ScreenScout Quest Uncovering Affordable TikTok Visuals Without a Cost
- [Updated] Streamline Your Media Workflow A Complete SRT-to-Other File Format Handbook for 2024
- 1. Apple's Next-Gen AirPods: A Vision of Augmented Reality with Built-In Lenses Set for a 2026 Release - Insights
- 2024 Approved 2022 Speed Skating Spectacle
- 365, as Revealed by ZDNET
- 6 Ways To Transfer Contacts From Xiaomi Mix Fold 3 to iPhone | Dr.fone
- Assessment of the Motorola Moto G Power: Impressive Durability and Excellent Battery Efficiency
- Critical Challenge Ahead: Microsoft Must Fix Major Windows 11 Issues Before Launch Deadline - Insights From ZDNet
- Does OnePlus Nord CE 3 5G Have Find My Friends? | Dr.fone
- Facing the End of Mainstream Windows 11 Support Soon? Explore Your 5 Last Resort Options Now!
- How to Successfully Launch Your Game's Finals in 202Ve Tips and Advice
- Speeding Up Generative AI: How Nvidia's Latest 'NIMs' Revolutionize Computing Efficiency | Insights From ZDNET
- The Comeback Kid: Unpacking Why OpenStack & Kata Containers Are Winning Over Enterprises Again - Analysis on ZDNET
- The Main Lobe, or Beam, Represents the Direction in Which an Antenna Radiates Most of Its Energy; a Highly Directive Antenna Has a Narrow Main Lobe.
- Unveiling Secrets of Successful Virtual Workspaces: Embracing Anonymity | ZDNET
- Unveiling the Ultimate Faceoff: Microsoft Teams, Zoom & The Game-Changer in Lip Reading Tech
- Urgent Update: Microsoft Faces Major Challenges with Windows 11 - Just One Year Left!
- Title: Another Cybersecurity Breach: LastPass Compromised Once More
- Author: Matthew
- Created at : 2024-10-15 22:09:30
- Updated at : 2024-10-18 04:20:06
- Link: https://app-tips.techidaily.com/another-cybersecurity-breach-lastpass-compromised-once-more/
- License: This work is licensed under CC BY-NC-SA 4.0.