Security

5166 readers

24 users here now

Confidentiality Integrity Availability

founded 5 years ago

MODERATORS

[email protected]

LastPass Posts Notice of Recent Security Incident (blog.lastpass.com)

submitted 2 years ago by [email protected] to c/[email protected]

3 comments fedilink hide all child comments

Seems to be light on details but probably a good time to change your master password if you are a LastPass user.

top 3 comments

sorted by: hot top controversial new old

[–] [email protected] 3 points 2 years ago (1 children)

Probably a good time to change to an audited open source password manager if you are a LastPass user. Fixed that for you.

[–] [email protected] 1 points 2 years ago

I don't disagree. I'm a fan of bitwarden.

[–] [email protected] 1 points 2 years ago* (last edited 2 years ago)

They recently had another breach:

Update as of Thursday, September 15, 2022

Our investigation determined that the threat actor gained access to the Development environment using a developer’s compromised endpoint. While the method used for the initial endpoint compromise is inconclusive, the threat actor utilized their persistent access to impersonate the developer once the developer had successfully authenticated using multi-factor authentication.

I don't trust a software company which has idiot developers like this with my data. Any IT professional should be able to keep their computer clean.

It's OK if a breach like this occurs every few years. But having several incidents within a few weeks to each other just reeks of incompetence.