Update on LastPass breach

Friday 23 December 2022

On December 22, 2022, LastPass posted an update on the breaches that occurred in recent months.

It appears that the attackers have gained access to a backup environment. Users' password vaults are also located in that environment. These are now in the hands of criminals and/or state actors. Some of the users' information is encrypted, according to LastPass. Parts, including website URLs, were not encrypted.

Despite LastPass claiming that the attackers cannot access the encrypted information, including passwords, LISA Security Management recommends changing both the Master Password and ALL passwords stored in the vault.

More information can be found on the LastPass blog.

More recent news

Wed 10 Apr 2024
Reminder: Meet Up on Digitalisation & Security
Wed 27 Mar 2024
E-mail Privacy and Security Awareness Training
Sun 17 Mar 2024
Important Announcement: Mandatory Privacy and Security awareness training
Thu 29 Feb 2024
Digital Cleanup Day: clean up your digital waste
Tue 23 Jan 2024
UT maps decision-making processes of victims of ransomware

News summary