Pages: [1]   Go Down
  Print  
Author Topic: LastPass ‘resolves’ security scare, assures passwords are safe  (Read 211 times)
HCK
Global Moderator
Hero Member
*****
Posts: 79425



« on: January 01, 2022, 04:05:10 pm »

LastPass ‘resolves’ security scare, assures passwords are safe

<div id="link_wrapped_content">
<body><section class="wp-block-bigbite-multi-title"><div class="container"></div></section><p>One of the most popular and highly recommended password managers may be a little less secure after multiple users have reported phantom login attempts from foreign countries.&nbsp;</p>



<p><a href="https://go.redirectingat.com/?id=111346X1569486&amp;url=https://www.lastpass.com/home-a&amp;xcust=1-1-562124-1-0-0&amp;sref=https://www.macworld.com/feed" data-type="URL" data-id="https://www.lastpass.com/home-a" rel="nofollow">LastPass[/url] investigated <a href="https://go.redirectingat.com/?id=111346X1569486&amp;url=https://news.ycombinator.com/item?id=29705957&amp;xcust=1-1-562124-1-0-0&amp;sref=https://www.macworld.com/feed" rel="nofollow">reports of a possible attack[/url] on its servers and assuring users that it &ldquo;will continue to take steps designed to ensure that LastPass, its users, and their data remain protected and secure.&rdquo; In its initial findings, the company believes &ldquo;the activity is related to attempted &lsquo;credential stuffing&rsquo; activity, in which a malicious or bad actor attempts to access user accounts (in this case, LastPass) using email addresses and passwords obtained from third-party breaches related to other unaffiliated services,&rdquo; according to a <a href="https://go.redirectingat.com/?id=111346X1569486&amp;url=https://blog.lastpass.com/2021/12/unusual-attempted-login-activity-how-lastpass-protects-you/&amp;xcust=1-1-562124-1-0-0&amp;sref=https://www.macworld.com/feed" data-type="URL" data-id="https://blog.lastpass.com/2021/12/unusual-attempted-login-activity-how-lastpass-protects-you/" rel="nofollow">blog post[/url]. </p>



<figure class="wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter"><div class="wp-block-embed__wrapper">
<blockquote class="twitter-tweet" data-width="500" data-dnt="true"><p lang="en" dir="ltr">Something very strange and bad is happening to a lot of people's <a href="https://go.redirectingat.com/?id=111346X1569486&amp;url=https://twitter.com/LastPass?ref_src=twsrc%5Etfw&amp;xcust=1-1-562124-1-0-0&amp;sref=https://www.macworld.com/feed" rel="nofollow">@LastPass[/url] accounts. I posted this to Hacker News and it gathered 192 comments, including 7 separate reports of master password breaches &amp; login attempts from the same Brazil IP range. Uhh. <a href="https://go.redirectingat.com/?id=111346X1569486&amp;url=https://t.co/tcM0aFdavv&amp;xcust=1-1-562124-1-0-0&amp;sref=https://www.macworld.com/feed" rel="nofollow">https://t.co/tcM0aFdavv[/url]`</p>&mdash; Greg Technology (@technology_greg) <a href="https://go.redirectingat.com/?id=111346X1569486&amp;url=https://twitter.com/technology_greg/status/1475600580521381889?ref_src=twsrc%5Etfw&amp;xcust=1-1-562124-1-0-0&amp;sref=https://www.macworld.com/feed" rel="nofollow">December 27, 2021[/url]<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script></div></figure><p>The company claims there is no evidence to suggest that any accounts were compromised. It also said that some of the security alerts &ldquo;were likely triggered in error&rdquo; and has subsequently adjusted its security alert systems. LasPass says the issue has been resolved.</p>



<p>Still, it&rsquo;s a troubling turn of events for one of the premier password manager on the net. LastPass boasts millions of users of its service, which stores passwords in an encrypted online vault accessible on iPhones, iPads, Apple Watches, and Macs. Users access their vault using a master password, which is what users feared may have been compromised.</p>



<p>In 2019, LastPass resolved a <a href="https://go.redirectingat.com/?id=111346X1569486&amp;url=https://blog.lastpass.com/2019/09/lastpass-bug-reported-resolved/&amp;xcust=1-1-562124-1-0-0&amp;sref=https://www.macworld.com/feed" rel="nofollow">browser extension bug[/url] that could have resulted in site credentials filled by LastPass&nbsp;to be exposed.</p>



<p>If you have a LastPass account, it&rsquo;s probably a good idea to change your master password to something that&rsquo;s unique and strong. It&rsquo;s also a good idea to turn on two-factor authentication, which adds a second login method (SMS, OTP, or biometric) in addition to your password for an extra layer of security.</p>
</body></div>

Source: LastPass ‘resolves’ security scare, assures passwords are safe
Logged
Pages: [1]   Go Up
  Print  
 
Jump to: