• EN

Notification: Security Incident at LastPass

dips
Userlevel 7
Badge +7
  • dips
  • Veeam Legend
  • 717 comments

LastPass have just announced a Security incident on their platform limited to their Development environment with apparently no compromise to user vaults.

More here: https://blog.lastpass.com/2022/08/notice-of-recent-security-incident/

Dipen N. K. | IT Security Specialist | Veeam Legend 2022 - 2023 | www.dipen.co.uk

11 comments

Chris.Childerhose
Userlevel 7
Badge +20

Yikes.  Still have a subscription with them but may cancel as I use Dashlane.

Chris Childerhose - VMCA2022 | VMCE2023 | Veeam Vanguard 7* | Veeam Legend 3* | vExpert 5* | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
marcofabbri
Userlevel 7
Badge +13

If I remember correctly it's second time that happens for LastPass...

Backups are like pizza, I love them. | Linkedin: @marco-fabbri-it
HunterLAFR
Userlevel 7
Badge +8

Im trying passbolt onprem in my home lab.

https://www.passbolt.com

 

Luis F.- HunterLF - HunterLAFR - lfconsulting.org
Chris.Childerhose
Userlevel 7
Badge +20

Im trying passbolt onprem in my home lab.

https://www.passbolt.com

 

It is actually very good we use that at work. 

Chris Childerhose - VMCA2022 | VMCE2023 | Veeam Vanguard 7* | Veeam Legend 3* | vExpert 5* | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
marcofabbri
Userlevel 7
Badge +13

Im trying passbolt onprem in my home lab.

https://www.passbolt.com

 

Never heard about it, I’ll give a try but when we’re talking about password manager I prefer expensive paid solutions (and LastPass got a free subscription...). To have better security (sync password manager talking) must pay.

Backups are like pizza, I love them. | Linkedin: @marco-fabbri-it
marcofabbri
Userlevel 7
Badge +13

Ok, I was right.

28 Dec 2021:
https://www.bleepingcomputer.com/news/security/lastpass-users-warned-their-master-passwords-are-compromised/

Backups are like pizza, I love them. | Linkedin: @marco-fabbri-it
MicoolPaul
Userlevel 7
Badge +20

Twice in under a year 😬

 

Also, unrelated to password managers but heavily utilised within the tech communities, Plex have had some unauthorised data access too!

 

https://forums.plex.tv/t/important-notice-of-a-potential-data-breach-24th-of-august-2022/806518

Michael Paul - #VeeamLegend | #VeeamVanguard | Veeam Certified Architect | VMware vExpert | https://micoolpaul.com | Twitter: @MicoolPaul | Mastodon: @micoolpaul@masto.nu | Bluesky: @micoolpaul.bsky.social
marcofabbri
Userlevel 7
Badge +13

I deleted my unused account just yesterday, after that email. Not good at all.

Backups are like pizza, I love them. | Linkedin: @marco-fabbri-it
regnor
Userlevel 7
Badge +14

@marcofabbri I didn't know about the one in 2021. But then it's actually their 3th incident. They've had a breach/hack in 2015...🙄

Too many incidents in my opinion for such a critical tool.

Max M. | Systems Engineer @Veeam | VMCE/VMCA | former Legend & Vanguard
Stabz
Userlevel 7
Badge +7

Hey,
Password manager  LastPass has confirmed that cybercriminals stole its customers’ encrypted password vaults, which store its customers’ passwords and other secrets.

In an updated blogpost on its disclosure, LastPass CEO Karim Toubba said the intruders took a copy of a backup of customer vault data by using cloud storage keys stolen from a LastPass employee.

https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/

 

how to lose the trust of these customers :(

Philippe DUPUIS |Veeam Certified Engineer | https://original-network.com/
Chris.Childerhose
Userlevel 7
Badge +20

Hey,
Password manager  LastPass has confirmed that cybercriminals stole its customers’ encrypted password vaults, which store its customers’ passwords and other secrets.

In an updated blogpost on its disclosure, LastPass CEO Karim Toubba said the intruders took a copy of a backup of customer vault data by using cloud storage keys stolen from a LastPass employee.

https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/

 

how to lose the trust of these customers :(

Wow. I did use them at one point but may not again now due to this.

Chris Childerhose - VMCA2022 | VMCE2023 | Veeam Vanguard 7* | Veeam Legend 3* | vExpert 5* | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech

Comment


Terms & Conditions