A couple of days ago, AppleInsider spotted alarming reports in the Hacker News forum tied to the password manager service LastPass. According to the reports, several users received alerts in LastPass that unauthorized third parties attempted to access their accounts from various parts of the world, such as Brazil.The method of attack is called “credential stuffing” and involves hackers using users’ details from other breached services to get access to LastPass accounts. Fortunately, according to officials from LastPass, all the unauthorized login attempts have been blocked and furthermore, most of these targeted LastPass accounts appear to be outdated, and not in use.
LastPass vice president of product management Dan DeMichele posted on Twitter that the warning messages might be sent by mistake. “Our investigation has since found that some of these security alerts, which were sent to a limited subset of LastPass users, were likely triggered in error. As a result, we have adjusted our security alert systems and this issue has since been resolved,” said DeMichele.
So, LastPass users should rest assured that their accounts are safe, and greet the New Year with peace of mind. LastPass will continue to monitor the situation, of course, and make sure the service is secure. Meanwhile, changing your master password is always a good idea.
Also Read:
