LastPass customers should ensure they have changed their master password and all passwords stored in their vault. In addition, user password vaults were stolen containing unencrypted website URLs and site names as well as encrypted usernames and passwords. December 2022: LastPass disclosed that criminals used some of the information obtained in the earlier breach to steal backup data, including customer names, addresses, phone numbers, email addresses, IP addresses, and partial credit card numbers.Apparently, these keys were not changed immediately after the initial breach was identified, which may have prevented access to the cloud storage. It was determined that an unauthorized party, using the cloud storage access key and container decryption keys obtained in the August 2022 incident, was able to gain access to certain elements of our customers’ information.
0 Comments
Leave a Reply. |