LastPass Promises No Data Breach Following Hacking Scare; Caused by Fabricated Breach Alerts?

LastPass Promises No Data Breach Following Hacking Scare; Caused Fabricated Breach Alerts?
LastPass breach was recently reported as users started receiving warning messages against LastPass compromised data. However, LastPass clarified to its users and to the public that it was an attempted LastPass hacking and no data was breached. Photo : LIONEL BONAVENTURE / Getty Images

LastPass breach was reportedly an attempted and unsuccessful hacking.

Following allegations from users that they were warned of illegal login attempts, LastPass claimed that there is no proof of a data breach.

LastPass said that it has never been hacked and that cybercriminals have never gained access to any customers' accounts.

LastPass Breach 2021

As reported by The Verge, Nikolett Bacso-Albaum, the senior director of LogMeIn Global PR, stated that the alerts users did receive were related to a "fairly common bot-related activity" involving malicious tries to breach the company's data.

The attempted LastPass breach done by hackers strived hard to gain access to accounts using email addresses and passwords gathered from previous breaches of third-party services.

However, as Basco-Albaum stated, it's crucial to stress that LastPass has garnered no evidence that accounts were ultimately accessed, or that the LastPass service was otherwise hacked.

He added that the company evaluates consistently for this type of activity on a regular basis, and will continue making efforts to ensure that LastPass, its users, and their data are safe and secure.

LastPass vice president of product management Dan DeMichele sent a comment that at least some of the warnings were "likely triggered in error" due to an issue that LastPass has since rectified.

He meant that as a result of their analysis on the alleged LastPass breach, they have discovered that some of these security alerts, which were sent to a small number of LastPass customers, were most likely sent in error.

As a result, the company has tweaked its security alert systems, and the problem is now fixed. 

The company's continuing efforts to protect its clients from malicious actors and credential stuffing attempts sparked these alerts.

LastPass's Attempted Breach

LastPass was not the victim of a huge password breach.

According to the firm, they are not a victim of a huge password breach.

However, hackers did try to breach accounts by exploiting username and password combinations from previous data breaches.

The Apple Insider reported that LastPass issued an official statement confirming that they suspect the behavior is related to attempted "credential stuffing," in which a malicious entity tries to access user accounts using email addresses and passwords stolen from third-party breaches relating to other unaffiliated services.

Fortunately, LastPass clarified that no indication of real hacking has been found.

Read Also: Android Scam: Answering Your Phone Can Lead to Bank Hacking [Warning Signs, How to Avoid]

Keeping Password Manager Safe

According to TechRadar, LastPass is a popular password manager that creates, saves, and changes passwords on a regular basis.

It's one of a slew of free password managers on the market.

Passwords are widely regarded as the most vulnerable link in the cybersecurity chain. As a result, security experts advise users to generate strong, unique passwords, keep them safe, and change them frequently.

A password manager is advised as a solution to help simplify what is typically perceived as a time-consuming and inefficient process.

Multi-factor authentication, such as through smartphone apps or security keys, is also suggested, particularly for more sensitive services like banking.

Although if LastPass compromised breach was an unsuccessful attack, t's still a smart idea to protect your account with multifactor authentication, which uses other sources to verify a user's identity before users log in.

Related Article: Cybersecurity Warning: Zero-Day Vulnerability in Apache Log4j Discovered in Minecraft, Other Apps

© 2022 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost