15, Toubba updated the blog post to notify customers that the company's investigation into the incident had concluded. In August 2022, LastPass published a blog post written by Toubba saying that the company "determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information."Īt the time, Toubba said that the threat was contained after LastPass "engaged a leading cybersecurity and forensics firm" and implemented "enhanced security measures." But that blog post would be updated several times over the following months as the scope of the breach gradually widened. It even offers a Windows client, too, with support for Chrome and Edge browsers. iCloud Keychain is secure and easy to set up and use across all of your Apple devices. iCloud Keychain: Apple's built-in password manager for iOS, iPadOS and MacOS devices is an excellent LastPass alternative available to Apple users at no additional cost.1Password doesn't offer a free tier, but you can try it for free for 14 days. 1Password: Another excellent password manager that works seamlessly across platforms.Bitwarden's free tier allows you to use the password manager across an unlimited number of devices across device types. Bitwarden: CNET's top password manager is a highly secure and open-source LastPass alternative.And while you're doing that, you'll probably want to transition away from LastPass, too. If you haven't - or if you just want total peace of mind - you'll need to spend some serious time and effort changing your individual passwords. LastPass estimates it would take "millions of years" to guess your master password - if you've followed its best practices. Though the most sensitive data is encrypted, the problem is that the threat actor can run "brute force" attacks on those stolen local files. But if you're a LastPass subscriber, you need to operate under the assumption that your user and vault data are in the hands of an unauthorized party with ill intentions. The company didn't specify how many users were affected, and LastPass didn't respond to CNET's request for additional comment on the breach. At the very least, you need to change all of the passwords you have stored with LastPass right away if you haven't already. Even so, if you're a LastPass subscriber, the severity of this breach should have you looking for a different password manager, because your passwords and personal data can still be at serious risk of being exposed.
0 kommentar(er)
