If two days ago we recommended changing the Plex service password again, now it’s another big company that has suffered a security breachalthough unlike the first, users don’t need to take any action, as their data is out of harm’s way.
[WhatsApp reforzará la seguridad de tu cuenta con un doble código de seguridad]
A security flaw in LastPass
Karim Toubba, CEO of LastPass, and via Android Authority, posted on the company’s blog on confirmation of unusual activity detection
In fact, he was able to get access to portions of the LastPass source code and technical information about the company. Which means your products and services continue to operate as if nothing had happened.
In other words, the master passwords have not been targeted by the attacker and the user data remains as is. There is therefore no need to modify anything on the part of the user, and even more so when these master passwords are responsible for encrypting the information uploaded to the LastPass servers.
Of course, in these cases it is always recommended to take advantage of strengthen security measures as well as multi-factor authentication so that the account is always protected. And even more when we are dealing with a service that saves the passwords that users use for social networks, applications, etc.
Now, really knowing the pirate’s intention to go directly from source code of this service is unknown, as it is certain that LastPass will already be finalizing the details to carry out an action that could jeopardize the future of the company.