On August 25, 2022, LastPass, a password manager tool that has over 25 million users, confirmed the rumors that their servers had been breached several weeks prior to the announcement. While the company didn’t provide specific details, they did say that hackers had stolen some proprietary information and “portions of source code.”
Should this breach concern you? LastPass is used by many individuals and businesses to keep track of their passwords. Users store their passwords in the LastPass system, and when they go to log in to a website, LastPass auto-fills the password so they don’t have to remember it. LastPass is a freemium app, which means its basic features are free to use but advanced options require a paid plan.
Should the LastPass Data Breach Concern You?
Even if you aren’t a LastPass user, you should still be concerned. Again, 25 million people use it, which means it’s likely that people at your company use LastPass to save passwords related to their work. Whether it’s a Gmail password or a login for the backend of your company’s website, if that password was stolen, it could affect your business. Your customers may also have their passwords to your website stolen, which could create problems in your own systems.
The good news is that LastPass has not reported that their user databases were breached. Instead, the cyber-attack affected their development servers. The attackers used a developer account to access proprietary data. Fortunately, LastPass’s incident response team was able to lock down the servers and prevent the hackers from accessing anything else. The company’s IT team found no evidence that customer information or passwords were accessed.
That said, LastPass has been the victim of a cyber-attack before, which does raise some questions about its security. However, the previous attack occurred in 2015. That attack did access customer emails, password reminder phrases, and master passwords. Fortunately, the attackers were not able to access the specific encryption keys that protect master passwords, so it was unlikely that they could decrypt any passwords. Even so, users were encouraged to change their master passwords following that breach. At this time, LastPass has not recommended this step to users following the recent breach.
What About the Information That Was Stolen?
While no customer data was stolen, that doesn’t mean the information that was accessed wasn’t valuable. With the source code and other proprietary information, the hackers now have an idea of how LastPass works. In particular, they may be able to learn how the system operates and where specific information, including encryption keys and user data, is accessed. They may then be able to approach the system’s security from a new angle and successfully steal information in a future attack.
LastPass hasn’t released any details about what specifically was taken or what steps they will take beyond investigating the breach. This makes it difficult for individuals and businesses to judge how serious a future attack could be. If the stolen data related to pending changes or updates to the system, those updates can be scrapped. However, if the source code taken is part of the current architecture, it may be impossible to remove or change without completely rebuilding the LastPass system.
What Should You Do About This Data Breach?
If you’re a LastPass user, you may be wondering whether you should continue using the system. If you’re a business owner or manager, you might be considering banning your employees from using it for anything work-related. These are valid responses, though they may not be necessary at this time. Again, while no passwords or customer data were stolen, it’s unknown how the code that was taken could be used.
It’s up to each individual user and business to decide how to react to the LastPass data breach. This attack does serve as a reminder that any company can be the target of an attack, even those with very strong security. Fortunately, LastPass was able to quickly identify that a data breach was in progress and put a stop to it.
If your own security hasn’t been reviewed recently or is lacking, it may be time to bring in the experts. Wooden Spoon provides managed IT services, including security, to a wide range of businesses. We can assist you in evaluating, testing, and updating your security so you can rebuff many cyber-attacks and, if one should get through, quickly identify and quarantine it. Reach out today to learn more.