Security

4966 readers

4 users here now

Confidentiality Integrity Availability

founded 4 years ago

MODERATORS

gary_host_laptop@lemmy.ml

LastPass Posts Notice of Recent Security Incident (blog.lastpass.com)

submitted 2 years ago by logrus1@lemmy.ml to c/security@lemmy.ml

4 comments fedilink hide all child comments

Seems to be light on details but probably a good time to change your master password if you are a LastPass user.

top 4 comments

sorted by: hot top controversial new old

[–] Helix@feddit.de 1 points 2 years ago* (last edited 2 years ago)

They recently had another breach:

Update as of Thursday, September 15, 2022

Our investigation determined that the threat actor gained access to the Development environment using a developer’s compromised endpoint. While the method used for the initial endpoint compromise is inconclusive, the threat actor utilized their persistent access to impersonate the developer once the developer had successfully authenticated using multi-factor authentication.

I don't trust a software company which has idiot developers like this with my data. Any IT professional should be able to keep their computer clean.

It's OK if a breach like this occurs every few years. But having several incidents within a few weeks to each other just reeks of incompetence.

[–] ThreeHopsAhead@lemmy.ml 1 points 2 years ago (2 children)

Probably a good time to change to an audited open source password manager if you are a LastPass user. Fixed that for you.

[–] ksynwa@lemmygrad.ml 1 points 2 years ago

Like which one?

[–] logrus1@lemmy.ml 1 points 2 years ago

I don't disagree. I'm a fan of bitwarden.