Having a password manager is common and we have always recommended it. It is a way to have the keys protected, prevent you from forgetting them and also to be able to generate them. However, in this article we report a new problem that affects LastPass , which is very popular and used. A new leak has put the data of its users at risk. We are going to explain what it means and how it can affect you.
LastPass suffers a new data breach
Keep in mind that this is not the first time this has happened. In fact, this is the second time LastPass has suffered a data breach this year. From the company itself, they have released a message to users indicating that they have recently detected strange activity within a third-party cloud storage service that it uses and that is used by both LastPass and GoTo.
They believe that this new security incident is related to the previous leak that happened a few months ago. They indicate that the attackers have been able to exploit the information from the previous security breach and thus be able to access certain user data. However, they assure that in no case have they been able to steal the passwords, due to the encryption method they use and that not even LastPass could find out.
They have been able to steal data related to users’ personal information . For example subscription details, as well as information that appears on the invoice. They have even been able to make attempts to log in fraudulently, so users have been able to receive an alert email.
Since LastPass they have not revealed more details about this problem. They have only assured that they are investigating the real scope of the incident and learn more in depth what type of user data they have been able to access. They have indicated that the service is fully functional, without any problem.
Does it put trust in password managers at risk?
Undoubtedly, this type of incident can cause many users to question their trust in password managers. At least they may be more reticent when using online services, such as LastPass, and opt instead for offline password managers such as KeePass.
The important thing when using a password manager is to use one that is guaranteed . LastPass is, despite this incident that we have seen. There can always be problems that affect any online service, but in the case of this key manager, as you can see, the passwords are encrypted and protected on each user’s own device.
As an additional tip, it is important to use good passwords and that they are also unique. There a password manager can be essential to not forget them and not end up putting any simple password in order to remember it. It’s always better to use a key manager than that, but it’s just as essential that you keep it up to date and make sure you use a secure one.
