Interestingly, LastPass has dramatically increased the number of password iterations. LastPass hasn’t yet made the last two options available to LastPass Free users, but the company says it will enable them shortly. Turn on or reset multifactor authentication.Increase the number of password iterations.Ensure the strength of your master password.In particular, if you’re still using LastPass, I recommend following the company’s advice to: If you’re interested in security stuff, the various posts are worth reading, and LastPass has done a much better job of communicating this time, even if it’s overdue. There has been no contact or demands made, and there has been no detected credible underground activity indicating that the threat actor is actively engaged in marketing or selling any information obtained during either incident.
Notably, the company says that it hasn’t heard from the attacker nor seen any indication of the data being used. I particularly appreciated the extensive list of all the data types accessed, with notes about which fields were encrypted and which were not. Finally, he summarizes what actions LastPass has taken to better secure its systems. He then points readers to a pair of security bulletins with recommended actions: one for LastPass Free, Premium, and Families users and another for LastPass Business users. In a carefully worded blog post, LastPass CEO Karim Toubba lays out a more-detailed timeline of two chained incidents, with the first setting the stage for the second. The new information is helpful, but it doesn’t make me regret switching to 1Password. Months later, the company has finally provided significantly more information about the breach, what data was compromised, and how users should respond. In 2022, password management service LastPass suffered its latest significant breach, this one resulting in the loss of customer vault data (see “ LastPass Shares Details of Security Breach,” 24 December 2022). LastPass Publishes More Details about Its Data Breaches #1650: Cloud storage changes for Box, Dropbox, Google Drive, and OneDrive quirky printing problem.#1651: Dealing with leading zeroes in spreadsheet data, removing ad tracking from ckbk.#1652: OS updates, DPReview shuttered, LucidLink cloud storage.#1653: Apple Music Classical review, Authory service for writers, WWDC 2023 dates announced.1654: Urgent OS security updates, upgrading to macOS 13 Ventura, using smart speakers while temporarily blind.
0 kommentar(er)
