But if you look closer, it says something else.” If the hacker cracked your master password, they had access to all the passwords you saved with the password manager. “That’s what I believed, as did many other people. “It seems to say: everything is safe, don’t worry,” Gevers told FTM. Cracking a 12-character password would take millions of years using “generally available technology,” LastPass said.Įthical hacker Ricky Gevers was flabbergasted by the LastPass communications about this hack. As long as customers had a good master password, their passwords were safe, the company said. Still, LastPass insisted that there was no major cause for concern. End-November, the company reported that the cyberattack was somewhat serious after all - the hacker had accessed “certain elements of client information.” But LastPass insisted that there was no reason to worry.Īnd then, on December 22, three days before Christmas, LastPass announced that the hacker stole password vaults and copied company names, usernames, billing addresses, email addresses, phone numbers, and IP addresses. In mid-September, LastPass said that an internal investigation revealed the hacker had access to its system for four days but didn’t do anything serious. According to Toubba, the hacker’s activities were “limited,” and LastPass customers didn’t have to worry or take any action. In August, CEO Karim Toubba said a hacker gained access to the company’s development space through an employee’s account. The password manager hasn’t been very forthcoming with information about the hack, despite reporting on it four times. “This is potentially one of the most valuable stolen databases of all time: users - and there are millions of them - have often stored dozens of passwords,” FTM said. The hacker copied a database from LastPass. LastPass reported on December 22 that the hacker gained access to sensitive information, but the theft happened months earlier, Follow the Money (FTM) reported. A hacker stole a file from password manager LastPass that contained the passwords of 30 million users and 85,000 companies.
0 Comments
Leave a Reply. |