{"id":165830,"date":"2022-12-23T03:46:10","date_gmt":"2022-12-23T03:46:10","guid":{"rendered":"https:\/\/harchi90.com\/hackers-stole-encrypted-lastpass-password-vaults-and-were-just-now-hearing-about-it\/"},"modified":"2022-12-23T03:46:10","modified_gmt":"2022-12-23T03:46:10","slug":"hackers-stole-encrypted-lastpass-password-vaults-and-were-just-now-hearing-about-it","status":"publish","type":"post","link":"https:\/\/harchi90.com\/hackers-stole-encrypted-lastpass-password-vaults-and-were-just-now-hearing-about-it\/","title":{"rendered":"Hackers stole encrypted LastPass password vaults, and we’re just now hearing about it"},"content":{"rendered":"
\n
\n

LastPass has a doozy of an updated announcement about a recent data breach: the company \u2014 which promises to keep all your passwords in one, secure place \u2014 is now saying that hackers were able to \u201ccopy a backup of customer vault data,\u201d meaning they theoretically now have access to all those passwords if they can crack the stolen vaults (via TechCrunch<\/em>). <\/p>\n<\/div>\n

\n

If you have an account you use to store passwords and login information on LastPass, or you used to have one and hadn’t deleted it before this fall, your password vault may be in hackers’ hands. Still, the company claims you might be safe if you have a strong master password and its most recent default settings. However, if you have a weak master password or less security, the company says that \u201cas an extra security measure, you should consider minimizing risk by changing passwords of websites you have stored.\u201d<\/p>\n<\/div>\n

\n

That might mean changing the passwords for every website you trusted LastPass to store.<\/p>\n<\/div>\n

\n

While LastPass insists passwords are still secured by the account’s master password, it’s hard to just take its word at this point, given how it’s handled these disclosures. <\/p>\n<\/div>\n

\n

When the company announced it had been breached in August, it said it didn’t believe user data had been accessed. Then, in November, LastPass said it detected an intrusion, which apparently relied on information stolen in the August incident (it would’ve been nice to hear about that possibility sometime between August and November). That intrusion let someone \u201cgain access to certain elements\u201d of customer info. It turns out those \u201ccertain elements\u201d were, you know, the most important and secret things that LastPass stores. The company says there’s \u201cno evidence that any unencrypted credit card data was accessed,\u201d but that would likely have been preferable to what the hackers actually got away with. At least it’s easy to cancel a card or two.<\/p>\n<\/div>\n

\n
\n

A backup of customers’ vaults was copied from cloud storage<\/p>\n<\/div>\n<\/div>\n

\n

We’ll get to how this all went down in a bit, but here’s what LastPass CEO Karim Toubba is saying about the vaults being taken:<\/p>\n<\/div>\n

\n
\n

The threat actor was also able to copy a backup of customer vault data from the encrypted storage container which is stored in a proprietary binary format that contains both unencrypted data, such as website URLs, as well as fully-encrypted sensitive fields such as website usernames and passwords, secure notes, and form-filled data.<\/strong> <\/p>\n<\/blockquote>\n<\/div>\n

\n

Toubba says the only way a malicious actor would be able to get at that encrypted data, and therefore your passwords, would be with your master password. LastPass says it has never had access to master passwords.<\/p>\n<\/div>\n

\n

That’s why he says, \u201cit would be extremely difficult to attempt to brute force guess master passwords,\u201d as long as you had a very good master password that you never reused (and as long as there wasn’t some technical flaw in the way LastPass encrypted the data \u2014 though the company has made some pretty basic security errors before). But whoever has this data could try to unlock it by guessing random passwords, AKA brute-forcing. <\/p>\n<\/div>\n

\n

LastPass says that using its recommended defaults should<\/em> protect you from that kind of attack, but it doesn’t mention any sort of feature that would prevent someone from repeatedly trying to unlock a vault for days, months, or years. There’s also the possibility that people’s master passwords are accessible in other ways \u2014 if someone re-uses their master password for other logins, it may have leaked out during other data breaches. <\/p>\n<\/div>\n

\n

It’s also worth noting that if you have an older account (prior to a newer default setting introduced after 2018), a weaker password-strengthening process may have been used to protect your master password. According to LastPass, it currently uses \u201ca stronger-than-typical implementation of 100,100 iterations of the Password-Based Key Derivation Function,\u201d but when a verge<\/em> staff member checked their older account using a link the company includes in its blog, it told them their account was set to 5,000 iterations. <\/p>\n<\/div>\n

\n

Perhaps the more concerning bit is the unencrypted data \u2014 given that it includes URLs, it could give hackers an idea of \u200b\u200bwhich websites you have accounts with. If they decided to target users, that could be powerful information when combined with phishing or other types of attacks.<\/p>\n<\/div>\n

\n
\n

If I were a LastPass customer, I would not be happy with how the company has disclosed this info<\/p>\n<\/div>\n<\/div>\n

\n

While none of that is great news, it’s all something that could, in theory, happen to any company storing secrets in the cloud. In cybersecurity, the name of the game isn’t having a 100 percent perfect track record; it’s how you react to disasters when they happen. <\/p>\n<\/div>\n

\n

And this is where LastPass has, in my opinion, absolutely failed. <\/p>\n<\/div>\n

\n

Remember, it’s making this announcement today, on December 22nd \u2014 three days before Christmas, a time when many IT departments will largely be on vacation, and when people aren’t likely to be paying attention to updates from their password manager. <\/p>\n<\/div>\n

\n

(Also, the announcement doesn’t get to the part about the vaults being copied until five paragraphs in<\/em>. And while some of the information is bolded, I think it’s fair to expect that such a major announcement would be at the very top.)<\/p>\n<\/div>\n

\n

LastPass says that the vault backup wasn’t initially compromised in August; Instead, its story is that the threat actor used info from that breach to target an employee who had access to a third-party cloud storage service. The vaults were stored in and copied from one of the volumes accessed in that cloud storage, along with backups containing \u201cbasic customer account information and related metadata.\u201d That includes things like \u201ccompany names, end-user names, billing addresses, email addresses, telephone numbers, and the IP addresses from which customers were accessing the LastPass service,\u201d according to LastPass.<\/p>\n<\/div>\n

\n

Toubba says the company is taking all sorts of precautions as a result of the initial breach, and the secondary breach that exposed the backups, including adding more logging to detect suspicious activity in the future, rebuilding its development environment, rotating credentials, and more. <\/p>\n<\/div>\n

\n

That’s all good, and it should do those things. But if I were a LastPass user, I’d be seriously considering moving away from the company at this point, because we’re looking at one of two scenarios here: either the company didn’t know that backups containing users’ vaults were on the cloud storage service when it announced that it had detected unusual activity there on November 30th, or it did<\/em> know and chose not to tell customers about the possibility that hackers had gotten access to them. Neither of those is a good look.<\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

LastPass has a doozy of an updated announcement about a recent data breach: the company \u2014 which promises to keep all your passwords in one, secure place \u2014 is now saying that hackers were able to \u201ccopy a backup of customer vault data,\u201d meaning they theoretically now have access to all those passwords if they …<\/p>\n

Hackers stole encrypted LastPass password vaults, and we’re just now hearing about it<\/span> Read More »<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-global-header-display":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true},"categories":[4],"tags":[],"jetpack_publicize_connections":[],"yoast_head":"\nHackers stole encrypted LastPass password vaults, and we're just now hearing about it - harchi90<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiaGh0dHBzOi8vd3d3LnRoZXZlcmdlLmNvbS8yMDIyLzEyLzIyLzIzNTIzMzIyL2xhc3RwYXNzLWRhdGEtYnJlYWNoLWNsb3VkLWVuY3J5cHRlZC1wYXNzd29yZC12YXVsdC1oYWNrZXJz0gEA?oc=5\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hackers stole encrypted LastPass password vaults, and we're just now hearing about it - harchi90\" \/>\n<meta property=\"og:description\" content=\"LastPass has a doozy of an updated announcement about a recent data breach: the company \u2014 which promises to keep all your passwords in one, secure place \u2014 is now saying that hackers were able to \u201ccopy a backup of customer vault data,\u201d meaning they theoretically now have access to all those passwords if they … Hackers stole encrypted LastPass password vaults, and we’re just now hearing about it Read More »\" \/>\n<meta property=\"og:url\" content=\"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiaGh0dHBzOi8vd3d3LnRoZXZlcmdlLmNvbS8yMDIyLzEyLzIyLzIzNTIzMzIyL2xhc3RwYXNzLWRhdGEtYnJlYWNoLWNsb3VkLWVuY3J5cHRlZC1wYXNzd29yZC12YXVsdC1oYWNrZXJz0gEA?oc=5\" \/>\n<meta property=\"og:site_name\" content=\"harchi90\" \/>\n<meta property=\"article:published_time\" content=\"2022-12-23T03:46:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.vox-cdn.com\/thumbor\/hWvUxuvUt5W7VoHsfV7ZDY3S9Q0=\/0x0:2040x1360\/1200x628\/filters:focal(1020x680:1021x681)\/cdn.vox-cdn.com\/uploads\/chorus_asset\/file\/23262657\/VRG_Illo_STK001_B_Sala_Hacker.jpg\" \/>\n<meta name=\"author\" content=\"islamlacoste58\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/cdn.vox-cdn.com\/thumbor\/hWvUxuvUt5W7VoHsfV7ZDY3S9Q0=\/0x0:2040x1360\/1200x628\/filters:focal(1020x680:1021x681)\/cdn.vox-cdn.com\/uploads\/chorus_asset\/file\/23262657\/VRG_Illo_STK001_B_Sala_Hacker.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"islamlacoste58\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/harchi90.com\/hackers-stole-encrypted-lastpass-password-vaults-and-were-just-now-hearing-about-it\/\",\"url\":\"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiaGh0dHBzOi8vd3d3LnRoZXZlcmdlLmNvbS8yMDIyLzEyLzIyLzIzNTIzMzIyL2xhc3RwYXNzLWRhdGEtYnJlYWNoLWNsb3VkLWVuY3J5cHRlZC1wYXNzd29yZC12YXVsdC1oYWNrZXJz0gEA?oc=5\",\"name\":\"Hackers stole encrypted LastPass password vaults, and we're just now hearing about it - harchi90\",\"isPartOf\":{\"@id\":\"https:\/\/harchi90.com\/#website\"},\"datePublished\":\"2022-12-23T03:46:10+00:00\",\"dateModified\":\"2022-12-23T03:46:10+00:00\",\"author\":{\"@id\":\"https:\/\/harchi90.com\/#\/schema\/person\/0689156e87fbe869f0e5efdeef200d5b\"},\"breadcrumb\":{\"@id\":\"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiaGh0dHBzOi8vd3d3LnRoZXZlcmdlLmNvbS8yMDIyLzEyLzIyLzIzNTIzMzIyL2xhc3RwYXNzLWRhdGEtYnJlYWNoLWNsb3VkLWVuY3J5cHRlZC1wYXNzd29yZC12YXVsdC1oYWNrZXJz0gEA?oc=5#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiaGh0dHBzOi8vd3d3LnRoZXZlcmdlLmNvbS8yMDIyLzEyLzIyLzIzNTIzMzIyL2xhc3RwYXNzLWRhdGEtYnJlYWNoLWNsb3VkLWVuY3J5cHRlZC1wYXNzd29yZC12YXVsdC1oYWNrZXJz0gEA?oc=5\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiaGh0dHBzOi8vd3d3LnRoZXZlcmdlLmNvbS8yMDIyLzEyLzIyLzIzNTIzMzIyL2xhc3RwYXNzLWRhdGEtYnJlYWNoLWNsb3VkLWVuY3J5cHRlZC1wYXNzd29yZC12YXVsdC1oYWNrZXJz0gEA?oc=5#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/harchi90.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Hackers stole encrypted LastPass password vaults, and we’re just now hearing about it\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/harchi90.com\/#website\",\"url\":\"https:\/\/harchi90.com\/\",\"name\":\"harchi90\",\"description\":\"Just another WordPress site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/harchi90.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/harchi90.com\/#\/schema\/person\/0689156e87fbe869f0e5efdeef200d5b\",\"name\":\"islamlacoste58\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/harchi90.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/5bf7491076e3822b8e0de7b1f9364d75?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/5bf7491076e3822b8e0de7b1f9364d75?s=96&d=mm&r=g\",\"caption\":\"islamlacoste58\"},\"sameAs\":[\"http:\/\/harchi90.com\"],\"url\":\"https:\/\/harchi90.com\/author\/islamlacoste58\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hackers stole encrypted LastPass password vaults, and we're just now hearing about it - harchi90","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiaGh0dHBzOi8vd3d3LnRoZXZlcmdlLmNvbS8yMDIyLzEyLzIyLzIzNTIzMzIyL2xhc3RwYXNzLWRhdGEtYnJlYWNoLWNsb3VkLWVuY3J5cHRlZC1wYXNzd29yZC12YXVsdC1oYWNrZXJz0gEA?oc=5","og_locale":"en_US","og_type":"article","og_title":"Hackers stole encrypted LastPass password vaults, and we're just now hearing about it - harchi90","og_description":"LastPass has a doozy of an updated announcement about a recent data breach: the company \u2014 which promises to keep all your passwords in one, secure place \u2014 is now saying that hackers were able to \u201ccopy a backup of customer vault data,\u201d meaning they theoretically now have access to all those passwords if they … Hackers stole encrypted LastPass password vaults, and we’re just now hearing about it Read More »","og_url":"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiaGh0dHBzOi8vd3d3LnRoZXZlcmdlLmNvbS8yMDIyLzEyLzIyLzIzNTIzMzIyL2xhc3RwYXNzLWRhdGEtYnJlYWNoLWNsb3VkLWVuY3J5cHRlZC1wYXNzd29yZC12YXVsdC1oYWNrZXJz0gEA?oc=5","og_site_name":"harchi90","article_published_time":"2022-12-23T03:46:10+00:00","og_image":[{"url":"https:\/\/cdn.vox-cdn.com\/thumbor\/hWvUxuvUt5W7VoHsfV7ZDY3S9Q0=\/0x0:2040x1360\/1200x628\/filters:focal(1020x680:1021x681)\/cdn.vox-cdn.com\/uploads\/chorus_asset\/file\/23262657\/VRG_Illo_STK001_B_Sala_Hacker.jpg"}],"author":"islamlacoste58","twitter_card":"summary_large_image","twitter_image":"https:\/\/cdn.vox-cdn.com\/thumbor\/hWvUxuvUt5W7VoHsfV7ZDY3S9Q0=\/0x0:2040x1360\/1200x628\/filters:focal(1020x680:1021x681)\/cdn.vox-cdn.com\/uploads\/chorus_asset\/file\/23262657\/VRG_Illo_STK001_B_Sala_Hacker.jpg","twitter_misc":{"Written by":"islamlacoste58","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/harchi90.com\/hackers-stole-encrypted-lastpass-password-vaults-and-were-just-now-hearing-about-it\/","url":"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiaGh0dHBzOi8vd3d3LnRoZXZlcmdlLmNvbS8yMDIyLzEyLzIyLzIzNTIzMzIyL2xhc3RwYXNzLWRhdGEtYnJlYWNoLWNsb3VkLWVuY3J5cHRlZC1wYXNzd29yZC12YXVsdC1oYWNrZXJz0gEA?oc=5","name":"Hackers stole encrypted LastPass password vaults, and we're just now hearing about it - harchi90","isPartOf":{"@id":"https:\/\/harchi90.com\/#website"},"datePublished":"2022-12-23T03:46:10+00:00","dateModified":"2022-12-23T03:46:10+00:00","author":{"@id":"https:\/\/harchi90.com\/#\/schema\/person\/0689156e87fbe869f0e5efdeef200d5b"},"breadcrumb":{"@id":"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiaGh0dHBzOi8vd3d3LnRoZXZlcmdlLmNvbS8yMDIyLzEyLzIyLzIzNTIzMzIyL2xhc3RwYXNzLWRhdGEtYnJlYWNoLWNsb3VkLWVuY3J5cHRlZC1wYXNzd29yZC12YXVsdC1oYWNrZXJz0gEA?oc=5#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiaGh0dHBzOi8vd3d3LnRoZXZlcmdlLmNvbS8yMDIyLzEyLzIyLzIzNTIzMzIyL2xhc3RwYXNzLWRhdGEtYnJlYWNoLWNsb3VkLWVuY3J5cHRlZC1wYXNzd29yZC12YXVsdC1oYWNrZXJz0gEA?oc=5"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiaGh0dHBzOi8vd3d3LnRoZXZlcmdlLmNvbS8yMDIyLzEyLzIyLzIzNTIzMzIyL2xhc3RwYXNzLWRhdGEtYnJlYWNoLWNsb3VkLWVuY3J5cHRlZC1wYXNzd29yZC12YXVsdC1oYWNrZXJz0gEA?oc=5#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/harchi90.com\/"},{"@type":"ListItem","position":2,"name":"Hackers stole encrypted LastPass password vaults, and we’re just now hearing about it"}]},{"@type":"WebSite","@id":"https:\/\/harchi90.com\/#website","url":"https:\/\/harchi90.com\/","name":"harchi90","description":"Just another WordPress site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/harchi90.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/harchi90.com\/#\/schema\/person\/0689156e87fbe869f0e5efdeef200d5b","name":"islamlacoste58","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/harchi90.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/5bf7491076e3822b8e0de7b1f9364d75?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5bf7491076e3822b8e0de7b1f9364d75?s=96&d=mm&r=g","caption":"islamlacoste58"},"sameAs":["http:\/\/harchi90.com"],"url":"https:\/\/harchi90.com\/author\/islamlacoste58\/"}]}},"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":165902,"url":"https:\/\/harchi90.com\/lastpass-says-hackers-stole-customers-password-vaults-techcrunch\/","url_meta":{"origin":165830,"position":0},"title":"LastPass says hackers stole customers’ password vaults \u2022 TechCrunch","date":"December 23, 2022","format":false,"excerpt":"Password manager giant LastPass has confirmed that cybercriminals stole its customers' encrypted password vaults, which store its customers' passwords and other secrets, in a data breach earlier this year. In an updated blog post on its disclosure, LastPass CEO Karim Toubba said the intruders took a copy of a backup\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":56754,"url":"https:\/\/harchi90.com\/lastpass-password-manager-used-by-millions-across-the-world-says-it-was-hacked\/","url_meta":{"origin":165830,"position":1},"title":"LastPass, Password Manager Used By Millions Across the World Says It Was Hacked","date":"August 26, 2022","format":false,"excerpt":"LastPass is a password manager used by over 33 million people around the world. (Representational)LastPass, a password manager used by more than 33 million people around the world, said a hacker recently stole source code and proprietary information after breaking into its systems.The company doesn't believe any passwords were taken\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":144608,"url":"https:\/\/harchi90.com\/lastpass-says-it-was-breached-again-techcrunch\/","url_meta":{"origin":165830,"position":2},"title":"LastPass says it was breached \u2014 again \u2022 TechCrunch","date":"December 1, 2022","format":false,"excerpt":"Password manager LassPass said it's investigating a security incident after its systems were compromised for the second time this year. LastPass chief executive Karim Toubba said in a blog post that an \u201cunauthorized party\u201d recently gained access to some customers' information stored in a third-party cloud service shared by LastPass\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":145431,"url":"https:\/\/harchi90.com\/lastpass-hacked-for-the-second-time-in-six-months\/","url_meta":{"origin":165830,"position":3},"title":"LastPass Hacked for the Second Time in Six Months","date":"December 2, 2022","format":false,"excerpt":"photo: Leon Neal (Getty Images)If you were planning on storing your precious codes in LastPass, the freemium password manager, my personal advice to you would be: maybe think again on that one. And if you do use it, maybe consider an alternative. Why? well, the password manager just got hacked.\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":145462,"url":"https:\/\/harchi90.com\/major-password-manager-suffers-another-security-breach\/","url_meta":{"origin":165830,"position":4},"title":"Major password manager suffers another security breach","date":"December 2, 2022","format":false,"excerpt":"Password manager Lasts announced Wednesday it had its second data breach in three months.CEO Karim Toubba said the company recently detected unusual activity within a third-party cloud storage service that is shared by LastPass and affiliate GoTo.He said an investigation was immediately launched into the incident by security firm Mandiant\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":145009,"url":"https:\/\/harchi90.com\/lastpass-reveals-another-security-breach\/","url_meta":{"origin":165830,"position":5},"title":"LastPass reveals another security breach","date":"December 1, 2022","format":false,"excerpt":"LastPass CEO Karim Toubba has revealed that the password manager has been breached again. Toubba said the company detected an unusual activity within a third-party cloud storage service that it shares with its parent company GoTo, which was formerly known as LogMeIn. To investigate the incident, LastPass has teamed up\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"fifu_image_url":"https:\/\/cdn.vox-cdn.com\/thumbor\/hWvUxuvUt5W7VoHsfV7ZDY3S9Q0=\/0x0:2040x1360\/1200x628\/filters:focal(1020x680:1021x681)\/cdn.vox-cdn.com\/uploads\/chorus_asset\/file\/23262657\/VRG_Illo_STK001_B_Sala_Hacker.jpg","_links":{"self":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts\/165830"}],"collection":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/comments?post=165830"}],"version-history":[{"count":0,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts\/165830\/revisions"}],"wp:attachment":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/media?parent=165830"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/categories?post=165830"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/tags?post=165830"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}