LogMeIn has now said that while the initial attack didn’t allow access to customer data, information obtained during that attack was subsequently used to do so. Since the whole point of using a password manager is to avoid using the same password on more than one service, this was unlikely to succeed.) LastPass security breach worse than reported ( An earlier security alert turned out to have nothing to do with LastPass: It was an attacker using login credentials obtained elsewhere to attempt to access LastPass accounts. However, today’s report reveals that customer data was subsequently compromised. LogMeIn said at the time that there had been no access to either customer data, nor the production environment (which meant the attacker couldn’t push a compromised update to users). An attacker gained access to the company’s development environment, and was able to access source code and other technical data. The company confirmed a reported security breach back in August. If your devices are safely in your possession and protected by their own security, you would typically leave your vault unlocked for the rest of each day, enabling seamless login to all your accounts. With these, all your passwords are stored in encrypted form, and you can log in to any website by using only a single master password to unlock your vault. LastPass is a password manager competing with 1Password. LastPass owner LogMeIn stresses that customer passwords have not been compromised, as the company uses end-to-end encryption so that only the subscriber has the decryption key … Background It had previously said that no customer data was compromised. The LastPass security breach that occurred back in August did allow attackers to access customer data, says the company.
0 Comments
Leave a Reply. |