LastPass is one of the most popular password managers. But in recent days his safety has been debated.
LastPass Password Manager has been accused by several of its users of a security breach which has resulted in the theft of many master passwords. According to the company, if the facts do indeed seem to show that there was a loophole, the reality is different.
This story begins when many users receive messages from LastPass informing them that some unusual logins have taken place with their password. From there, things got very busy. Indeed, by receiving this message the users concerned were (logically) afraid and they accused LastPass of being the source of a password leak, which would have resulted in a major cyberattack.
This is not the first time that a password manager, supposed to be one of the most secure places on the web, has been singled out for its digital vulnerabilities. Indeed LastPass has already had such cases in the past, which gives even more credit to the accusation made by users.
For LastPass there is no evidence of a cyberattack
Quickly on twitter the messages of alerts and complaints multiplied. But according to the company all these complaints have no justification. Indeed, according to her, the origin of all this panic would have been caused by an irregular activity consisting of a “stuffing of identification information”.
These attacks would have been the cause of this problem and these emails to say the least worrying but LastPass wants to be reassuring. The company has since communicated assuring that it has seen no evidence of actual hacking of its servers, or even the compromise of individual accounts. In other words, no trace of a computer attack was detected on servers and user accounts.
LastPass recalls that it is possible to use multi-factor authentication to prevent hackers from gaining control of the targeted user account. This cybersecurity method is very popular today as 2FA begins to show its limits. If you are an owner of a LastPass account, a good thing to do would also be to change your password. Even if the company assures that no attack has taken place, it is better to be careful and foresight.
