1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • LastPass is being sued following major cyberattack

    From TechnologyDaily@1337:1/100 to All on Thu Jan 5 18:30:03 2023
    LastPass is being sued following major cyberattack

    Date:
    Thu, 05 Jan 2023 18:20:31 +0000

    Description:
    A disgruntled LastPass customer has sued LastPass for its poor response to August 2022 cyberattack.

    FULL STORY ======================================================================

    LastPass has been threatened with legal action following a months-long data breach that began in August 2022 and led to the leak of potentially millions of users' private information.

    A statement by the password manager CEO Karim Toubba at that time claimed a lack of evidence that any customer data was at risk, though a leading cybersecurity and forensics firm was deployed.

    A December 2022 notice announced that an unknown threat actor accessed a cloud-based storage environment leveraging information obtained from the incident. LastPass August 2022 leak

    According to the class action complaint filed in a Massachusetts court,
    names, usernames, billing addresses, email addresses, telephone numbers, and even the IP addresses used to access the service were all made available to wrongdoers.

    The final straw in the hat could have been the leak of customers unencrypted vault data, which includes all manner of information ranging from website usernames and passwords to other secure notes and form data.

    According to the lawsuit, LastPass understood and appreciated the value of this Information yet chose to ignore it by failing to invest in adequate data security measures. Read more

    These are the best ID theft protection tools


    LastPass is about to enter the metaverse


    LastPass confirms customer password vaults were stolen

    The cases plaintiff claims to have invested $53,000 in Bitcoin since July 2022, which was later stolen several months later, leading to police and FBI reports.

    More recently, Toubba took to the companys blog to announce that some source code and technical information were stolen from [LastPasss] development environment, leading to an attack on an employees account that saw
    credentials and keys being stolen. The company has since that it is decommissioning that environment in its entirety and rebuilding a new environment from scratch.

    While the case plaintiff has demanded a jury trial with regards to the leak and their subsequent losses, it remains to be seen what (if any) action shall be taken against LastPass. Protect yourself with the best firewalls



    ======================================================================
    Link to news story: https://www.techradar.com/news/lastpass-is-being-sued-following-cyberattack


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)