More than 33 million people and more than 100,000 companies use the LastPass service.
LastPass – the world’s most popular password manager, used by more than 33 million people and more than 100,000 companies – has been hacked for the second time in three months. The attackers managed to gain access to some data.
The company believes the hackers used information stolen during the August 2022 incident for this breach. It is emphasized that attackers did not gain access to passwords stored in the cloud. LastPass services continue to operate as normal.
Cyber security specialists from Mandiant have already been involved in the investigation, and law enforcement officials have also been informed about the attack.
It is not yet known what information the hackers were able to gain access to, but LastPass assured that customers’ passwords were not compromised and “remain securely encrypted” thanks to the LastPass Zero Knowledge architecture.
Google has begun testing a “password-free future”
Earlier, the search giant announced a new step towards a password-free future by implementing the FIDO standard in Android and the Chrome browser. This will allow gadgets to generate unique Passkeys and pass them to sites instead of passwords.
To use Passkey, you need to have physical access to the smartphone and use a fingerprint scanner or passcode for authentication. Android passkeys are stored locally on your phone, but they’re also stored in the cloud in case you lose your device.