LastPass experiences a breach

LastPass experiences a breach

In mid June, password management company LastPass experienced a breach of the servers that help run its systems. While the breach did not reveal the master passwords of users, some of the email information and password reminder information, among other bits of information, was compromised. According to Ars Technica, this is the second breach that the company has announced in the past four years.

In 2011, LastPass noticed some anomalies in its network that lead employees to believe that it had been hacked. Although the company did not find exact evidence that it had, it asked all of its users to change their master passwords. While this new attack has not necessitated any master password changes and the company insists that it’s “cyberattack response worked as designed,” it brings up questions about how secure password data really is.

The company said that it has no evidence showing that user accounts were accessed, and that it is confident that the encryption and hashing techniques used would keep data safe. A hashing algorithm is a way of taking a plain text password and turning it into an indecipherable string of numbers. This is accomplished through a very complex mathematical equation that can only be done one way and not reversed without the encryption key. According to LastPass, the company hashes user passwords hundreds of thousands of times, which makes it very difficult to decrypt. Because of its confidence in the system, LastPass has said that users don’t need to change their password.

“Encrypted user vaults were not compromised, so no data stored in your vault is at risk (including form fill profiles, secure notes, site usernames and passwords),” According to LastPass’s blog.

The company warned that if users utilize their LastPass master password for other websites, they should change it and not use the same password on multiple sites.

Moving Forward
The LastPass breach is a perfect example of how even if you have good cybersecurity in place, you can still experience breaches and have data compromised. In order to be as secure as possible it’s best to have multiple layers of security. This will ensure that any threats are discovered and dealt with properly. While attacks like the one that happened to LastPass are never going to end, if you’re ready for them, your information will still be safer.

Faronics’ Endpoint Security is a highly successful approach to security. It protects on four different levels with programs designed specifically for each level. Everything works together to help ensure that if there is a threat, it will be identified and blocked or eliminated.

About The Author

Suzannah Hastings

Suzannah is interested in all things digital, from software security to the latest technological advances. She writes about ways in which the increasingly internet-driven landscape and windows technologies like steady state alternative that change our lives, and what we can expect in the future.

Sign Up For A 30-Day Trial


Deep Freeze Enterprise

Centralized deployment and management as well as a host of configuration options for the Enterprise.

  • This field is for validation purposes and should be left unchanged.

Ready to find out more about Faronics? Let us know how to reach you.

We're here to help you in any way possible.