It is worse than previously thought. The data obtained from the previous incident was used by the criminals.
The password manager's latest update states that hackers were able to copy a backup of customer vault data from the encrypted storage container, which contained both unencrypted data and secure notes.
In August, LastPass said that no customer data was compromised after it was hacked. The company said that certain elements of customer data were affected by the security incident.
Threat actors gained access to its source code and used it to compromise a developer's account. As a result of the incident, backups of user password vaults were stolen.
RECOMMENDED VIDEOS FOR YOU...
The master passwords are the only ones that account owners know. Not even LastPass knows that master passwords are protected by Zero Knowledge.
According to LastPass, the hackers may attempt to use brute force to guess your master password. The password vaults are now in the possession of the threat actors.
The treasure trove of data included names, email addresses, phone numbers and some billing information. Affected LastPass account owners are at risk of being attacked with brute force attacks against online accounts that are linked to their LastPass vault.
Even the best password managers are at risk of being attacked. Don't use the same password for all of your online accounts. LastPass doesn't recommend you use your master password on other websites. It is recommended that you change your LastPass master password with a unique combination and protect your account with two-factor authentication.
Every day you'll get the best ofAndroid Central in your inbox.