this post was submitted on 01 Dec 2022
8 points (100.0% liked)

Security

5010 readers
1 users here now

Confidentiality Integrity Availability

founded 4 years ago
MODERATORS
 

Seems to be light on details but probably a good time to change your master password if you are a LastPass user.

top 4 comments
sorted by: hot top controversial new old
[–] ThreeHopsAhead@lemmy.ml 3 points 2 years ago (2 children)

Probably a good time to change to an audited open source password manager if you are a LastPass user. Fixed that for you.

[–] ksynwa@lemmygrad.ml 1 points 2 years ago

Like which one?

[–] logrus1@lemmy.ml 1 points 2 years ago

I don't disagree. I'm a fan of bitwarden.

[–] Helix@feddit.de 1 points 2 years ago* (last edited 2 years ago)

They recently had another breach:

Update as of Thursday, September 15, 2022  

Our investigation determined that the threat actor gained access to the Development environment using a developer’s compromised endpoint. While the method used for the initial endpoint compromise is inconclusive, the threat actor utilized their persistent access to impersonate the developer once the developer had successfully authenticated using multi-factor authentication.  

I don't trust a software company which has idiot developers like this with my data. Any IT professional should be able to keep their computer clean.

It's OK if a breach like this occurs every few years. But having several incidents within a few weeks to each other just reeks of incompetence.