“We regularly monitor for this type of activity and will continue to take steps designed to ensure that LastPass, its users, and their data remain protected and secure.” LogMeIn Global PR senior director Nikolett Bacso-Albaum said. “It’s important to note that we do not have any indication that accounts were successfully accessed or that the LastPass service was otherwise compromised by an unauthorized party,” LastPass reiterated that users’ master passwords were not accessed by an unauthorized third party after conducting further investigations.
LastPass password manager triggered unauthorized login alerts by mistake Most reports also originated from users with outdated LastPass accounts suggesting an earlier breach.Ĭoincidentally, security researcher Bob Diachenko said he found thousands of LastPass account credentials on RedLine Stealer logs. However, Diachenko checked the login details of some affected users but couldn’t find a match.Īlthough the password manager app does not store the user’s master password on its servers, it stores their saved passwords in an encrypted format. Similarly, some concerned users who tried to delete their LastPass password manager account encountered HTTP error 500 stating that “Something went wrong” after clicking the delete button. Some affected users noted that they do not reuse email addresses and passwords, while others received attempted login notifications after changing their master passwords. Additionally, the alerts trigger when account owners use their master passwords to log in from unknown devices or locations.
0 kommentar(er)
