LastPass reaffirms that there was no password leak

Two LastPass executives returned to the suspicious activity emails received by some password management app users earlier this week and stressed that there had been no credential leaks. According to the company, the messages received by a small number of users were the result of an error in the automated system for triggering e-mails, possibly caused by internal investigations into an increase in scam attempts and account intrusion.

According to Gabor Angyal, vice president of engineering at LastPass, the company is investigating a small increase in the number of access attempts and credential theft by criminals. Such actions would have led to messages about account blocking for a small number of affected profiles, which despite being targets and presenting attention characteristics such as use from multiple devices and locations, were not compromised. The verification continued, he said, by an abundance of caution and may have been the cause of the sending of emails about account intrusion.

In this case, the automatic message informed users that the profile’s master password was used to access the system by third parties and should be replaced; on social networks, some reported receiving the alert repeatedly, even after carrying out the process. According to Angyal, there is nothing to worry about and the warning is an error, as there is no evidence of intrusion or compromise of profiles or the management systems of LastPass and its parent company, LogMeIn, which focuses on remote access.

Want to catch up on the best tech news of the day? Access and subscribe to our new youtube channel, Kenyannews News. Every day a summary of the main news from the tech world for you!

The release was also reproduced by Dan DeMichele, vice president of product management for the application, in contact with different media outlets worldwide. The official word is that, at this moment, there are no signs of compromise and that, even if there were, LastPass does not store or have access to the passwords of its users, which must be known to them, and only to them.

Even with no reason to worry about the security of their profiles, users who prefer can perform tasks such as changing passwords and enabling two-step authentication to ensure additional protection. Also, enabling biometrics systems can be a good way to avoid using master passwords in services of this type.

Related Articles

Leave a Reply

Your email address will not be published.

Back to top button
WP Twitter Auto Publish Powered By :