1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • LastPass accidentally scared users witless with false breach aler

    From TechnologyDaily@1337:1/100 to All on Wed Dec 29 13:30:04 2021
    LastPass accidentally scared users witless with false breach alerts

    Date:
    Wed, 29 Dec 2021 13:08:27 +0000

    Description:
    A system error resulted in many users getting notified of an attempted login.

    FULL STORY ======================================================================

    Password manager firm LastPass has confirmed that a number of recent unauthorized login alerts received by customers were sent out in error.

    After users took to online forums to notify one another that someone from Brazil (as well as other places around the world) had been trying to access their LastPass accounts, the company responded, explaining that no passwords have been compromised.

    As per an article from The Verge , when reports first started popping up, LastPass responded by saying the issue was probably caused by automated bots trying out passwords stolen elsewhere on the web. However, after further investigation into the matter, the company realized that its own systems were to blame, at least in part.

    Out of an abundance of caution, we continued to investigate in an effort to determine what was causing the automated security alert e-mails to be triggered from our systems, explained Dan DeMichele, VP Product Management at LastPass.

    Our investigation has since found that some of these security alerts, which were sent to a limited subset of LastPass users, were likely triggered in error. As a result, we have adjusted our security alert systems and this
    issue has since been resolved. These alerts were triggered due to LastPasss ongoing efforts to defend its customers from bad actors and credential stuffing attempts. Storing passwords securely

    LastPass is a popular password manager that generates, stores and automatically changes passwords in regular intervals (among other things).
    Its one of many freemium password managers available.

    Passwords are generally considered the weakest link in the cybersecurity chain. As a result, security experts recommend users create strong and unique passwords, store them securely, and change them frequently.

    A password manager is recommended, as a tool that can simplify whats often seen as a cumbersome and time-consuming process.

    Multi-factor authentication, in the form of a smartphone apps or security key , is also recommended, especially for more sensitive services, such as banking. You might also want to check out our list of the best identity management tools out there

    Via The Verge



    ======================================================================
    Link to news story: https://www.techradar.com/news/lastpass-accidentally-scared-users-witless-with -false-breach-alerts/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)