Connect with us

Hi, what are you looking for?

Tech News

LastPass: the world’s most popular password manager hacked

LastPass: the world's most popular password manager hacked

LastPass

LastPass, a password manager with more than 33 million users around the world, released a statement Thursday night to say that its systems were attacked by cyber criminals two weeks ago and what information from your source codealong with technical information owned by the company, was stolen.

The company also indicated in its statement that it does not consider that the passwords of users have been compromised during the security breach, since it uses a system of Zero Knowledgewhich prevents your system from storing login credentials, so your customers don’t need to take preventative action.

Advertisement. Scroll to continue reading.

The investigation carried out by LastPass, as detailed in the publication, identified that the cybercriminals entered through a developer account that was compromised and that their products and services “continue to function normally.”

LastPass' investigation identified that the cybercriminals entered via a compromised developer account.  (Karl-Josef Hildenbrand/dpa)
LastPass’ investigation identified that the cybercriminals entered via a compromised developer account. (Karl-Josef Hildenbrand/dpa)

As indicated in the company’s statement, they took security measures in LastPass systems and the incident is in a state of containment. In addition, he stated that, in response to the incident, “a leading cybersecurity and forensic analysis company has been hired.”

Bloomberg indicated that Allan Liska, an analyst with the computer security incident response team at the cybersecurity companyRecorded Future, stated that they are surprised by the time it took for LastPass to inform their customers about the incident.

“To some, two weeks may seem like a long time, incident response teams may take time to fully assess the situation before reporting it,” he told the US outlet. He also added that the extent of the damage produced by the cyber attack It will take time to determine, but it doesn’t seem to have affected LastPass users.

Advertisement. Scroll to continue reading.
Allan Liska, an analyst with Recorded Future's Computer Security Incident Response Team, said the extent of the damage from the cyberattack will take time to determine, but it appears to have not affected LastPass users.  (JESUS ​​AVILES)
Allan Liska, an analyst with Recorded Future’s Computer Security Incident Response Team, said the extent of the damage from the cyberattack will take time to determine, but it appears to have not affected LastPass users. (JESUS ​​AVILES)

For now, the affected company indicated that it will keep its clients informed regarding this incident.

How password managers work

Password managers are secure key managers for different accounts or websites that require access credentials to enter user accounts or profiles. In this way, people can spend more time browsing the internet.

Although browsers, such as Chrome, already offer options related to password management, external services have additional options, such as the random password creation automatically, alerts of unreliable keys or that were leaked by someone on the internet.

Chrome already offers options related to password management.  (Google)
Chrome already offers options related to password management. (Google)

During the first user registration and password on a web page, the password manager saves that information so that, at the next opportunity, the data is auto-completed. In this way the user does not have to write them again.

The generation of keys is different for each of the user’s accounts and it is possible that, in some cases, the password managers offer a service of data storage such as personal documents (DNI, passport, driver’s license, etc.).

Advertisement. Scroll to continue reading.

In some cases, the master password is stored locally or on an encrypted server so that if there is a vulnerability, or a computer attack addressed to the manager, user information is not compromised.

To keep the accesses to the different accounts secured, it is recommended change the key of users on a regular basis, in addition to using various levels of authentication to prevent unauthorized access from other devices remotely.

:

Advertisement. Scroll to continue reading.

Advertisement
Advertisement

Related

TikTok removed millions of underage accounts this year and took these steps

Tech News

Of the one billion TikTok users, the majority are minors, who are exposed to various incidents that can endanger their safety. The social network...

There is a Hungarian price for the Huawei Mate 50 Pro There is a Hungarian price for the Huawei Mate 50 Pro

Android

We knew quite well what Huawei would announce, since the Mate 50 device family has been available domestically, that is, in China, for some...

Google renews itself with the search engine: images and places will be easier to find Google renews itself with the search engine: images and places will be easier to find

Tech News

Logo of Google Google presented at the event Search ON some important changes to make searches easier, especially with images. The Google application available...

Video of the real Transformers in Japan Video of the real Transformers in Japan

Tech News

Gundam robot in Japan. (photo: Robotimania) A user posted a video that has gone viral in Twitter over a robot life-size fighter. Thousands of...

Advertisement

You May Also Like

Android

One of the big new features of iPadOS 16 at WWDC was that from now on, iPads will be able to manage applications by...

Android

The Navee N65 has already been mentioned here in the campaign watch column, as the scooter created with crowdfunding is quite popular. At the...

Tech News

LastPass announced that although the cybercriminals who attacked their systems did not have access to user data. In August of this year, LastPass, one...

Mobiles

7 hoursSmartphoneiQOO Z6 Lite is the world’s first phone with Snapdragon 4 Gen 1 Related posts: Xiaomi 12 Lite enters pre-order confirming Snapdragon 778G...

Advertisement