LastPass security compromised and user data exposed

LastPass is one of the most famous and commonly used password managers on the web. Even with some major changes, it was still a safe offering that many use on a daily basis.

The service was again criticized for another major security issue. This is the second time in a short period of time that attackers have gained access to user data yet again.

Another LastPass security flaw

In August, LastPass had major security issues. A simple attack gave access to the company's servers, from which important company information is believed to have been stolen. At the time, it was clear that there was no user data theft.

Now, months later, it is clear that much more happened in that attack. LastPass has been attacked again and this time it is known that user data has been exposed. Company disclosed that it has detected "unusual activity" on third-party cloud storage, but existing passwords remain encrypted and secure.

The attackers are known to have used information obtained in August to access "some elements" of customer information. LastPass immediately launched an investigation by hiring the security company Mandiant and the authorities were also alerted.

User data is open, no passwords

The company is working intensively to understand the scope of this incident and to determine exactly what information was accessed. You further warrant that while this evaluation is ongoing, LastPass products and services will continue to function without restriction.

However, LastPass encourages its users to follow the installation and setup guidelines. This includes various measuresincluding setting up two-factor authentication to access the services of this platform.

The revealed case does not leave a positive image of LastPass. This is more of a case of a security issue that occurs over a short period of time. While passwords are not disclosed or used, there is the potential for sensitive data to be accessed and used.