If we have a LastPass user account, we could be in trouble, since the current trend of relying on the cloud for practically everything has meant that the breach that LastPass suffered in August of this year has been used not only to obtain data from the servicesuch as the source code of the servers, as well as technical information, but all this has been used to manage to later infiltrate the internal account of one of the employees.
This is over with these same hackers taking a copy of the user data, which although they are encrypted at the user account and password levelthey also have a good deal of unencrypted data that can also be used to try to determine what your password manager’s master password might be.
Therefore, all that can be deduced from from the post that LastPass has posted on his blog, is that we are at the mercy of our master passwordsince all the security measures that LastPass had in its cloud servers have been circumvented in order to download a copy of the data. If we have a strong master password, we shouldn’t worry much, they say.
However, they do not explain what would happen if our password was not as strong as could be expectedand this is together with the possibility that the unencrypted data can give clues about what our master password is, makes it clear that if we have doubts, we should change all the passwords we have stored in LastPass.
It is also mentioned that customer data has been stolen, such as their full names, billing addresses, telephone numbers, email addresses and IP addresses, that while LastPass says it’s basic information, it’s definitely not going to be liked by anyone, especially high-profile users.
Editor’s Comment
Although it is a “crusade” in which I find myself swimming against the current and failing in the attempt, the use of the cloud, which is nothing more than what is colloquially known as “someone else’s computer”, is so widespread that it seems make it impossible to run a service without pulling it.
However, the reality is different, and it is that although the convenience of having our passwords anywhere, synchronized through the Internet, is difficult to match, sometimes it is totally unnecessary to entrust our passwords to a cloud service that you can access anyone, and it is that contrary to what is tried to make believe at the marketing level, there is no invulnerable system.
Sooner or later, a hacker finds a way into any system he sets out to do, and while it was LastPass’s turn to talk about it today, in recent years we’ve seen a long history of situations where a hack has ended. with personal data of users leaked on the network, at which point anyone can get hold of them.
Reply
End of Article. Tell us something in the Comments!
