A Break In To LastPass’ Vault

Source: Slashdot A Break In To LastPass’ Vault

Much Safety, So Security

As the quote from Lastpass and Bleeping Computer reads, “some of the stolen vault data is “safely encrypted“.  That is good news for the customers of Lastpass who have to hear there has been a second breach of the company this year.   This time the unencrypted data that was snatched includes company names, end-user names, billing addresses, email addresses, telephone numbers, and the IP address you last hit their servers from.

On the plus side your username, passwords, secure notes, attachments, and form-fill fields are fully AES-256 encrypted so there is little chance they will be truly compromised and your master password is not stored by Lastpass.  With all the information stolen the dastardly nogoodniks could pick up a powerful GPU to try to brute force your master password but even with an NVIDIA Tesla it will take a very long time to accomplish.

Merry Christmas? 

The attacker gained access to Lastpass' cloud storage using "cloud storage access key and dual storage container decryption keys" stolen from its developer environment.

Video News

About The Author

Jeremy Hellstrom

Call it K7M.com, AMDMB.com, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.

1 Comment

  1. VS



Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!