What Was Exposed?

Again, according to Naked Security, hackers accessed unencrypted customer information including billing addresses, phone numbers, payment card details, company names, end-user names, email addresses and the IP addresses from which customers were accessing the LastPass service. LastPass assured customers that their LastPass password and the encrypted passwords in the vaults remained encrypted. Next, in late December 2022 they sent another missive to customers to let them know that basic account information and related metadata had been accessed, and that a backup of customer vault data had been accessed as well. Then in November 2022 they revealed the hacker had gained access to certain elements of customer information. In September 2022 they issued a follow-up notice to customers with assurances that their system design and controls prevented the threat actor from accessing customer data and encrypted password vaults.
LastPass communicated with customers, but gave little information about the impact other than that they did not see evidence that the hackers had accessed customer data or their encrypted password vaults.
If you stay, what steps should you take to protect your LastPass vault? If you go, where to? What are best practices to consider when using password managers in the harsh light of breach notification? Read on!

What Happened?

According to a detailed timeline published by Naked Security, in August 2022 LastPass, the password management application, had a breach.
If you are a LastPass user it is time to decide if you will stay or go. LastPass, the popular password manager, has suffered a breach.