“Experts around the world trust LastPass. You deserve the best in security,” LastPass amply displays on its website. More than 33 million people and 100,000 companies (including major US media titles such as the New York TimesCNN or Mashable), clients of the famous password manager, will learn that even the best are not untouchable.
LastPass reported on November 30 that a security incident had occurred, but said its customers’ passwords “remain securely encrypted.” In a press release on its website posted on December 22, the company admits that hackers managed to copy customers’ safe deposit boxes. He assures that much of the information (including the passwords themselves and banking information) probably cannot be exploited.
Karim Toubba, CEO of LastPass, explains that hackers have been able, thanks to various flaws used for several months, to access data stored in the cloud.
Some accessible data
According to the manager, the hackers are in possession of all of his clients’ strong passwords, but in an encrypted format. Karim Toubba says that hackers will have a hard time cracking copies of stolen safes: “With our hashing and encryption methods that protect our customers, it will be extremely difficult to find, even by forcing, the master passwords of our customers who followed our advice. when creating your password”.
However, LastPass encourages users to change their passwords, both the ones they use for each associated account and their master password. Accounts created before 2018 are also listed as more at risk. To protect against further attacks, LastPass is currently performing a full scan of all accounts that show signs of suspicious activity.
The company acknowledges that hackers could still have access to a large amount of unencrypted data, such as personal data related to users (last name, first name, email address, invoices), but also the web addresses of the sites where they use their passwords. .
LastPass claims to be the password manager number one in the world. It allows, thanks to an extension in your web browser, to keep and protect all your passwords in the same place, by creating a “master password”. LastPass also allows you to create long and strong passwords for your various Internet accounts.
Source: BFM TV
