Kim and Andrew talk about an AI website pumping out 20,000 fake IDs … a day. Plus, a bogus LastPass app makes its way into the App Store, an entire radio tower gets stolen, and Mr. Bean is blamed for the poor EV sales in the UK.
LastPass hacked again - Is it time to say goodbye?
One of the big names in password managers, LastPass, was breached last August. At the time, the company claimed that no user data was compromised.
An update in December revealed the hackers then launched a phishing campaign against a LastPass employee, obtaining credentials and keys they used to decrypt some basic customer data, but passwords or usernames remained safe.
Are you still reeling from those past attacks? LastPass just shared some more bad news. If you’re a customer, you will want to read this.
Popular password manager hacked again
In a post titled “Incident 2 – Additional details of the attack,” LastPass announced that the second attack was more damaging than initially thought. The following is a timeline of events.
The first attack
In August, LastPass announced that a threat actor gained unauthorized access through a single compromised developer account. The hacker stole encrypted LastPass credentials, source code and proprietary LastPass technical information.
LastPass said customer data was safe, as the decryption keys can only be retrieved from the following:
- Closely guarded on-premises data centers.
- A highly restricted set of shared folders in a LastPass password manager vault used by just four DevOps engineers for administrative duties.
This attack concluded on Aug. 12, 2022.
The second attack
The hackers then launched a phishing campaign against an employee, obtaining credentials and keys, which they used to access and decrypt storage volumes within the cloud-based storage service.
Major password manager hacked - What you need to know
A password manager is an excellent solution if you struggle to remember login credentials. It’s also a great way to come up with secure passwords that are incredibly difficult to hack. Unfortunately, this can quickly go sideways when the password manager is breached.
🥩 The password “beefstew” is not stroganoff: Hackers are still going after password manager LastPass. If someone calls and offers help changing your LastPass login, hang up because it’s fake. You really need a better password manager.
6 hidden uses for password managers
By now you know you need strong, original passwords for every account. There’s just one problem: It’s impossible to remember all the complicated passwords you come up with.
You don’t have to stretch your brain to its limits or write everything in a notebook. You can use a password manager, an app on your phone and computer that keeps track of your accounts. Password managers encrypt all of your passwords — and a password also protects them, so only you can access your library of login information.
How to start using a password manager
With all the malware, spyware, phishing scams and data breaches out there, you can never be too safe. As long as your devices are connected to the internet, you’ll constantly be exposed to cybercriminals.
While it’s convenient to create an easy-to-remember password and use it across your accounts, this is a big mistake. A crook needs only access to that one password to make things difficult for you. Tap or click here to check out password mistakes Americans are making.
Saw this one coming: Cybercriminals are posing as employees of the password manager app LastPass to hack your passwords. It starts with an email from “support@lastpass” about “unauthorized access.” The fake site they send you to grabs your real master password. With all the security incidents at LastPass within the last couple of years, I’m not surprised.
The last straw: Password manager LastPass has all kinds of drama around keeping its customers’ logins safe. The latest: A fake app pretending to be the real deal was pulled from the Apple App Store. If you recently downloaded LastPass onto your iPhone, iPad or Mac, it’s time for a complete password purge. I recommend Total Password (it’s just $19).
10 essential apps for your new iPhone or iPad
Did you get a new iPhone or iPad this Christmas? If so, welcome to the Apple ecosystem! The iOS family of products are some of the most robust smart gadgets on the market and are admired by millions of fans worldwide.