Yesterday we broke the news of a data breach affecting all users of the Plex multimedia service app. Unfortunately, today we have to bring you news of another data breach, but this time the breach has affected one of the main apps used to mitigate against other data breaches. The password managing app LastPass has confirmed it has been subject to a data breach. Let’s go through all you need to know.
LastPass CEO, Karim Toubba has published a blog post explaining how the company detected unusual activity within certain aspects of the LastPass development environment. Unfortunately, the discovery unearthed a data breach that took portions of source code and other proprietary LastPass technical information.
First and foremost, LastPass is a security app, so a breach of this nature is a blow to the company’s reputation. As mentioned earlier, when data breaches affect other online services and user details are leaked, the smart thing to do is change all your passwords as many of us repeat the same passwords across many of our online accounts. One of the best ways to protect yourself against this type of event is to use a password managing app like LastPass.
In the blog post, Toubba makes it abundantly clear that user security details have not been compromised by this breach. This means that Master Passwords are safe, user data stored in vaults is safe, and no personal information has been compromised. In fact, Toubba recommends that users do not need to take any action in response to the breach. It is up to you, however, how you respond to the issue. LastPass will be taking some steps to try and prevent this type of breach happening again:
“In response to the incident, we have deployed containment and mitigation measures, and engaged a leading cybersecurity and forensics firm. While our investigation is ongoing, we have achieved a state of containment, implemented additional enhanced security measures, and see no further evidence of unauthorized activity. Based on what we have learned and implemented, we are evaluating further mitigation techniques to strengthen our environment.”
All-in-all then this does seem to be under control but nonetheless, it is worrying to think of all your passwords falling into the wrong hands. Despite this, however, we still highly recommend you use a password manager to generate and secure all of your online account login details. To help you pick the right one we have put together a guide to the 15 best password manager extensions for the Google Chrome web browser.
