Using strong, random passwords is an essential part of anyone's security. To actually do this, however, you need a password manager: a program that stores them safely so that you do not have to remember them one by one. There are many programs for saving passwords, some simple and free, like the one built into every web browser, and others more advanced and theoretically more secure, such as LastPass.
LastPass is a service aimed at both individual users and companies that lets us manage our passwords. The service, which can be used for free (with heavy limitations) or for a monthly fee, covers everything from generating secure passwords for websites to saving each and every password we use on every site where we are registered. Furthermore, if a security breach is detected, it will notify us of the passwords that have been leaked so that we can change them as soon as possible.
The downside of entrusting all this confidential and private information to a single company is that, in the event of a security breach, all of that data can be exposed and made available to any attacker. And unfortunately, this is exactly what has just happened to LastPass. As if that were not enough, it is the second time this year.
We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate GoTo. Customer passwords remain safely encrypted due to LastPass’s Zero Knowledge architecture. More info: https://t.co/xk2vKa7icq https://t.co/ynuGVwiZcK
November 30, 2022 • 21:12
They have gained access to customer data
Just yesterday, LastPass reported that it had detected unauthorized access to its servers by unknown attackers. The attack was possible because the attackers used information stolen in the earlier attack the company suffered this year, in August. The attackers managed to reach its storage servers (hosted in the cloud of an external company) and accessed certain elements of its customers' information.
For now, the company says it is still studying the scope of the attack in order to establish in detail which data the attackers reached and what information has actually been exposed and may be in their hands.
The August attack was possible because one of the company's developers had a compromised account, and it was through that account that the attackers reached the servers. This time the origin is not entirely clear, although everything indicates that it was made possible by information stolen in the previous attack (a certificate, a cookie, an API, etc.).
Are my LastPass passwords compromised?
The attackers were able to access a good deal of LastPass customer information, such as names, email addresses, telephone numbers, and so on. However, the company is certain, even before the investigation is complete, that passwords have not been compromised.
This is thanks to the Zero Knowledge policy under which LastPass stores information on its servers without knowing what that information is. Everything is kept encrypted, and it can only be decrypted by the customer, using their own two-factor authentication system, and by no one else.
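The following is an added, simplified model of what a zero-knowledge vault means in practice (illustrative code, not LastPass's own implementation or scheme). It assumes PBKDF2-HMAC-SHA256 for key stretching, a lowercased email as the salt, and an HMAC-SHA256 keystream with an HMAC tag as a stand-in for a real AEAD cipher such as AES-GCM; the point it shows is that the service only ever holds ciphertext plus a one-way login verifier, and that a stolen copy of that record leaves the master password and the iteration count as the only remaining defence.

```python
import hashlib
import hmac
import os

# Assumed iteration count for this example; production deployments use more.
ITERATIONS = 100_000


def derive_keys(master_password: str, salt: bytes) -> tuple[bytes, bytes]:
    """Client side: one slow PBKDF2 pass gives the vault key. The login verifier
    is a further one-way hash of that key, so the server can check a login
    without ever holding the key that decrypts the vault."""
    vault_key = hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt, ITERATIONS)
    login_verifier = hashlib.sha256(b"auth" + vault_key).hexdigest()
    return vault_key, login_verifier


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Illustrative HMAC counter-mode keystream; a vetted AEAD replaces this in real code.
    out, ctr = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), "sha256").digest()
        ctr += 1
    return out[:length]


def encrypt_vault(vault_key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(vault_key, nonce, len(plaintext))))
    tag = hmac.new(vault_key, nonce + ct, "sha256").digest()
    return nonce + ct + tag


def decrypt_vault(vault_key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(vault_key, nonce + ct, "sha256").digest(), tag):
        raise ValueError("wrong key or tampered vault")
    return bytes(a ^ b for a, b in zip(ct, _keystream(vault_key, nonce, len(ct))))


def server_record(email: str, master_password: str, vault_plaintext: bytes) -> dict:
    """Everything the service (and anyone who copies its cloud backups) ends up holding."""
    salt = email.lower().encode()  # assumed salt choice for this example
    vault_key, verifier = derive_keys(master_password, salt)
    return {"salt": salt, "login_verifier": verifier,
            "vault_blob": encrypt_vault(vault_key, vault_plaintext)}


def offline_guess_opens_vault(record: dict, guessed_password: str) -> bool:
    """Risk model: a stolen record allows unlimited offline guesses; each costs one PBKDF2 run."""
    vault_key, _ = derive_keys(guessed_password, record["salt"])
    try:
        decrypt_vault(vault_key, record["vault_blob"])
        return True
    except ValueError:
        return False
```

The record returned by server_record contains no key material, which is the zero-knowledge claim; offline_guess_opens_vault shows why that claim still depends entirely on the strength of the master password once the record has been stolen.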
For now, it is believed that this new breach has only leaked the company's source code and other proprietary information, and nothing more. Company officials have not yet made further statements, and as soon as more is known about this attack we will update this article with the new information.