Current Events > Lastpass says hackers stole customers' password vaults

Topic List	Page List: 1
CableZL 12/22/22 8:43:18 PM #1:	https://techcrunch.com/2022/12/22/lastpass-customer-password-vaults-stolen/ Password manager giant LastPass has confirmed that cybercriminals stole its customers encrypted password vaults, which store its customers passwords and other secrets, in a data breach earlier this year. In an updated blog post on its disclosure, LastPass CEO Karim Toubba said the intruders took a copy of a backup of customer vault data by using cloud storage keys stolen from a LastPass employee. The cache of customer password vaults is stored in a proprietary binary format that contains both unencrypted and encrypted vault data, but technical and security details of this proprietary format werent specified. The unencrypted data includes vault-stored web addresses, but LastPass does not say more or in what context. Its not clear how recent the stolen backups are. LastPass said customers password vaults are encrypted and can only be unlocked with the customers master password, which is only known to the customer. But the company warned that the cybercriminals behind the intrusion may attempt to use brute force to guess your master password and decrypt the copies of vault data they took. Toubba said that the cybercriminals also took vast reams of customer data, including names, email addresses, phone numbers and some billing information. Password managers are overwhelmingly a good thing to use for storing your passwords, which should all be long, complex and unique to each site or service. But security incidents like this are a reminder that not all password managers are created equal and can be attacked, or compromised, in different ways. Given that everyones threat model is different, no one person will have the same requirements as the other. --- https://i.imgtc.com/d9Fc4Qq.gif https://i.imgtc.com/BKHTxYq.gif https://i.imgtc.com/vYYIuDx.jpg <cite>CableZL posted [p:970348827] in Lastpass s... [t:80286610]...</cite> <quote>https://techcrunch.com/2022/12/22/lastpass-customer-password-vaults-stolen/Password manager giant LastPass has confirmed that cybercriminals stole its customers encrypted password vaults, which store its customers passwords and other secrets, in a data breach earlier this year.In an updated blog post on its disclosure, LastPass CEO Karim Toubba said the intruders took a copy of a backup of customer vault data by using cloud storage keys stolen from a LastPass employee. The cache of customer password vaults is stored in a proprietary binary format that contains both unencrypted and encrypted vault data, but technical and security details of this proprietary format werent specified. The unencrypted data includes vault-stored web addresses, but LastPass does not say more or in what context. Its not clear how recent the stolen backups are.LastPass said customers password vaults are encrypted and can only be unlocked with the customers master password, which is only known to the customer. But the company warned that the cybercriminals behind the intrusion may attempt to use brute force to guess your master password and decrypt the copies of vault data they took.Toubba said that the cybercriminals also took vast reams of customer data, including names, email addresses, phone numbers and some billing information. Password managers are overwhelmingly a good thing to use for storing your passwords, which should all be long, complex and unique to each site or service. But security incidents like this are a reminder that not all password managers are created equal and can be attacked, or compromised, in different ways. Given that everyones threat model is different, no one person will have the same requirements as the other.</quote> ... Copied to Clipboard!
MetroidGamer666 12/22/22 8:44:19 PM #2:	Hope no one kept their GameFAQs passwords on there..: <cite>MetroidGamer666 posted [p:970348853] in Lastpass s... [t:80286610]...</cite> <quote>Hope no one kept their GameFAQs passwords on there..:</quote> ... Copied to Clipboard!
#3	Post #3 was unavailable or deleted.
CE_gonna_CE 12/22/22 8:46:38 PM #4:	My work has always heavily pushed LP but Ive never used it. Dodged a bullet, I guess. --- https://gamefaqs.gamespot.com/boards/1531-food-delivery-services-general <cite>CE_gonna_CE posted [p:970348914] in Lastpass s... [t:80286610]...</cite> <quote>My work has always heavily pushed LP but Ive never used it. Dodged a bullet, I guess. </quote> ... Copied to Clipboard!
Trumpo 12/22/22 8:49:12 PM #5:	Paper beats password manager --- Lancool II \| Z690 Tomahawk \|12700K \| Fuma 2 \| RTX 3070Ti \| 16GB 3600MHz \| FireCuda 530 1TB \| Inland NVMe 1TB \| RM750x <cite>Trumpo posted [p:970348976] in Lastpass s... [t:80286610]...</cite> <quote>Paper beats password manager </quote> ... Copied to Clipboard!
CableZL 12/22/22 8:50:19 PM #6:	Trumpo posted... Paper beats password manager Scissors beats paper --- https://i.imgtc.com/d9Fc4Qq.gif https://i.imgtc.com/BKHTxYq.gif https://i.imgtc.com/vYYIuDx.jpg <cite>CableZL posted [p:970349003] in Lastpass s... [t:80286610]...</cite> <quote>Trumpo posted... </cite><quote>Paper beats password manager</quote>Scissors beats paper</quote> ... Copied to Clipboard!
CableZL 12/22/22 8:51:00 PM #7:	CE_gonna_CE posted... My work has always heavily pushed LP but Ive never used it. Dodged a bullet, I guess. My last job still uses LastPass, I think. My current job doesn't, though. We use 1Password, and I think 1Password is much better. --- https://i.imgtc.com/d9Fc4Qq.gif https://i.imgtc.com/BKHTxYq.gif https://i.imgtc.com/vYYIuDx.jpg <cite>CableZL posted [p:970349013] in Lastpass s... [t:80286610]...</cite> <quote>CE_gonna_CE posted... </cite><quote>My work has always heavily pushed LP but Ive never used it. Dodged a bullet, I guess.</quote>My last job still uses LastPass, I think. My current job doesn't, though. We use 1Password, and I think 1Password is much better. </quote> ... Copied to Clipboard!
Kloe_Rinz 12/22/22 8:52:27 PM #8:	Just make sure to use a password that is long enough it would take years to brute force (I mean hundreds of years or more, as CPUs improve then estimates today will drop). Theres sites out there that will tell you that info and then make sure to reset your passwords every 6-12 months so that eventually when your vault is brute forced, the passwords in there are all invalid regardless my job uses LastPass as well, Im not a fan of it. I use 1password personally because the apps are far nicer with more features. Even Bitwarden is better than LastPass IMO, but 1password is more premium feeling than Bitwarden so I dont mind paying the fee <cite>Kloe_Rinz posted [p:970349039] in Lastpass s... [t:80286610]...</cite> <quote>Just make sure to use a password that is long enough it would take years to brute force (I mean hundreds of years or more, as CPUs improve then estimates today will drop). Theres sites out there that will tell you that infoand then make sure to reset your passwords every 6-12 months so that eventually when your vault is brute forced, the passwords in there are all invalid regardless my job uses LastPass as well, Im not a fan of it. I use 1password personally because the apps are far nicer with more features. Even Bitwarden is better than LastPass IMO, but 1password is more premium feeling than Bitwarden so I dont mind paying the fee </quote> ... Copied to Clipboard!
Tyranthraxus 12/22/22 8:59:17 PM #9:	Oh Jesus fuck this is gonna cause problems at work --- It says right here in Matthew 16:4 "Jesus doth not need a giant Mecha." https://i.imgur.com/dQgC4kv.jpg <cite>Tyranthraxus posted [p:970349158] in Lastpass s... [t:80286610]...</cite> <quote>Oh Jesus fuck this is gonna cause problems at work</quote> ... Copied to Clipboard!
#10	Post #10 was unavailable or deleted.
TheValiant 12/22/22 9:13:38 PM #11:	Password manager is an oxymoron. Darwin awards for everyone who uses one. --- RUMBLING! RUMBLING! IT'S COMING! Rumbling. Rumbling... cOmInG fOr YoUUUUUUUUUUUU! <cite>TheValiant posted [p:970349455] in Lastpass s... [t:80286610]...</cite> <quote>Password manager is an oxymoron. Darwin awards for everyone who uses one.</quote> ... Copied to Clipboard!
Kloe_Rinz 12/22/22 9:16:34 PM #12:	TheValiant posted... Password manager is an oxymoron. Darwin awards for everyone who uses one. ? They are fine lol. Just cycle your passwords and make them long. <cite>Kloe_Rinz posted [p:970349502] in Lastpass s... [t:80286610]...</cite> <quote>TheValiant posted... </cite><quote>Password manager is an oxymoron. Darwin awards for everyone who uses one.</quote>? They are fine lol. Just cycle your passwords and make them long. </quote> ... Copied to Clipboard!
1337toothbrush 12/22/22 9:17:06 PM #13:	That's the last place I'd put my pass. --- https://imgur.com/a/FU9H8 - https://i.imgur.com/ZkQRDsR.png - https://i.imgur.com/2x2gtgP.jpg <cite>1337toothbrush posted [p:970349516] in Lastpass s... [t:80286610]...</cite> <quote>That's the last place I'd put my pass.</quote> ... Copied to Clipboard!
crazygamer21 12/24/22 12:42:00 PM #14:	TheValiant posted... Password manager is an oxymoron. Darwin awards for everyone who uses one. That's a dumb take. Just use a manager that doesn't need to go online like KeePass. I've been trying to tell people for years that this was inevitable. --- https://rateyourmusic.com/~peekingpanda <cite>crazygamer21 posted [p:970379941] in Lastpass s... [t:80286610]...</cite> <quote>TheValiant posted... </cite><quote>Password manager is an oxymoron. Darwin awards for everyone who uses one.</quote>That's a dumb take. Just use a manager that doesn't need to go online like KeePass. I've been trying to tell people for years that this was inevitable. </quote> ... Copied to Clipboard!
Topic List	Page List: 1

Current Events > Lastpass says hackers stole customers' password vaults (+) Yeah! (+)

Current Events > Lastpass says hackers stole customers' password vaults