LastPass Data Leak: Data of 30 Million Users at Risk

What is LastPass Breach?

On 22nd December 2022, online password management service LastPass revealed that threat actors can steal sensitive information from user accounts like billing, end-user names, email IDs, IP address info, and telephone numbers. 

The leak also includes customer vault data, which consists of both unencrypted data like website URLs and encrypted data like website usernames and passwords, form-filled data, and secure notes. An earlier hack of customer data in August 2022 led to this more severe data breach. 

Risks for LastPass Users

The data of all 30 million LastPass users stored on the company servers as of August 2022 is at risk. Hackers possess a copy of your entire pad vault. In case a hacker manages to crack your master password, they can take full control of your online life. It means full access to your bank accounts, emails, tax information, healthcare data, social media accounts, and much more. 

As per LastPass, hackers may try using brute force for finding out your master password and decode the copies of vault data they have stolen. But, LastPass says it is highly unlikely- to brute force and guess master passwords can take up to a million years if a user has strong secured passwords. But do users really have safe passwords?

Experts doubts claims by LastPass

Experts have raised doubts about LastPass’ recent updates. “The st

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: