Password manager service LastPass gets hacked

LastPass, and other password managers like Dashlane and Roboform, were created to address the issue that passwords are a notoriously poor form of security. People tend to use weak, easy-to-remember passwords, re-use passwords across a multitude of accounts, and forget to change their passwords often enough (if at all). LastPass’ solution allows its users to only have to remember one strong master password, which is used to access all individual account logins and passwords stored by LastPass in encrypted user vaults.

LastPass says it discovered and blocked “suspicious activity” on its network. Further investigation revealed that e-mail addresses, password reminders, server per user salts (data added to passwords to make them harder to crack), and authentication hashes were all compromised. No accounts were compromised, and attackers did not gain access to encrypted user vault data.

The Paypers is the Netherlands-based leading independent source of news and intelligence for professional in the global payment community.

The Paypers provides a wide range of news and analysis products aimed at keeping the ecommerce, fintech, and payment professionals informed about the latest developments in the industry.

Categories

Payments

Fraud and Fincrime

Fintech

Crypto, Web3 and CBDC

Regulations

M&A and Investments

Current themes

A2A Payments

Payment Orchestration

TradFi and DeFi Convergence

KYC, KYB and Digital Identity