LastPass, one of the most popular password managers, has been stolen. It is estimated that 25 million people use LastPass.Two weeks ago, there was a security breach that appears to have involved the development servers and was enabled by the compromising of a LastPass developer account.
The Last Pass Network Was Breached, but What Exactly Was Taken?
LastPass claims there is no sign of any further malicious activity after the incident responders controlled the breach. Toubab also indicated that no signs of unauthorized access to client databases or secure password storage areas have been discovered.
How Secure Is Your Last Pass Master Password and Vault?
On August 25, LastPass CEO Karim Toubba released a statement saying that “portions of source code and some private LastPass technical information” had been taken.
Passwords are the crown jewels of an individual’s digital fortress, so it stands to reason that LastPass users will be anxious that hackers may have gained access to their accounts. LastPass, however, has made it plain that it never stores master passwords thanks to the ‘zero knowledge’ architecture it employs.
According to Toubba, “this event did not jeopardize your master password” because LastPass “can never know or obtain access to our clients’ master password.” Since this is the case, LastPass says its customers can rest easy knowing they don’t need to do anything special to access their password vaults.
This Is Not Their First Time at The Proverbial
It’s unfortunate that LastPass’s customers had to cope with yet another security breach, but the company deserves praise for its openness in the wake of this one. The corporation announced in June 2015 that hackers had gained access to the network. Users back then were required to regularly update their master passwords.
Uncertainty about what kind of LastPass technical data was compromised. However, the fact that the attacker had access to source code and “private technical information” is cause for concern, despite the fact that no customer data was lost in the recent incident. For the most part, because we don’t know what was taken.
The details of this breaking story are still being filled in. As additional information becomes available, I will add it here.