Password Manager Has News Its Clients Won't Want to Hear

LastPass says it has suffered 2nd security breach since August
By Jenn Gidman,  Newser Staff
Posted Dec 2, 2022 8:36 AM CST
Password Manager Has News Its Clients Won't Want to Hear
Stock photo.   (Getty Images/RayaHristova)

There's no safer place to keep all of your passwords than with a password manager, right? "Maybe think again on that one" is Lucas Ropek's advice on Gizmodo, at least when it comes to using LastPass. That's because for the second time in three months or so, the service has been hacked. Though LastPass is insisting that no customer passwords, which are "safely encrypted," were pilfered, it concedes in a Wednesday blog post that an "unauthorized party" was able to access "certain elements of our customers' information."

It's not entirely clear what information that may be, though LastPass CEO Karim Toubba says the group is working hard to ID it. "We immediately launched an investigation, engaged Mandiant, a leading security firm, and alerted law enforcement," Toubba writes in the post. The "unauthorized party" mentioned is believed to be the same one that hacked into LastPass' system during a four-day period in August, after which the company noted it found "no evidence" that the hacker or hackers were able to access "customer data or encrypted password vaults." Toubba noted that the info stolen in August was used to gain access this time around.

GoTo, which owns LastPass, put out a "similarly vague statement" about the breach, per TechCrunch. NPR notes that LastPass was awarded an honorable mention in November in Wired's "Best Password Managers" roundup, with the magazine noting it "used to be our favorite free option, but then it changed its free plan ... [to limit] you to a single device." Wired added: "We just don't see any reason to suggest it over our top picks, and it was recently hacked." Per Gizmodo, LastPass has suffered a series of "cyber faux pas" over the years, including a 2011 security breach, a 2015 hacking, and various other "vulnerabilities." (More passwords stories.)

Get the news faster.
Tap to install our app.
Install the Newser News app
in two easy steps:
1. Tap in your navigation bar.
2. Tap to Add to Home Screen.