Anyone who uses a password manager is trusting an organization, basically, with the keys to access many important information in their life — hence it is a very difficult choice. In addition to thinking about the features offered by the platforms, whether free or paid, it is also necessary to see their security and privacy history. Now, a news confirmed by LastPass affects the service’s reputation a little more.
That’s because LastPass, one of the most popular password managers on the market, fell victim to a security breach a few weeks ago. The information was detailed in a post on the company’s blog by its CEO, Karim Toubba. he tells that a hacker managed to access the platform development area through the account of a developer, who had a security hole, and stole snippets of the service’s source code and proprietary technical information.
However, Toubba assures users that despite this, no user data or encrypted passwords have been stolen — at least for now. After all, the hack would only have been behind the scenes of LastPass’ development, not its database.
“In response to the incident,” writes the CEO, “we implemented containment and mitigation measures and engaged a leading cybersecurity and forensics firm. While our investigation is ongoing, we have reached a state of containment, implemented additional enhanced security measures, and see no further evidence of unauthorized activity.”
Right now, users don’t have to, and couldn’t, do anything about it. The more cautious, however, should consider setting up two-factor authentication for their LastPass account, if they haven’t already done so.
And you, use LastPass? What is your experience with the platform?