
What is LastPass?

LastPass is a password manager that, at least until recently, was very popular with both individuals and organisations for storing, sharing and managing passwords. You may, however, have read the numerous stories that began to surface during 2022 about a breach of LastPass's systems. Password managers work by generating and storing passwords for websites and applications, along with other notes, on your behalf. To make them more useful, they are usually synchronised through a cloud service so that all your devices see the same vault. Unfortunately, with this convenience comes risk: a copy of your vault now lives on someone else's servers.

Prior to the disclosure of the scale and nature of the breach, Afinite used LastPass to store and manage certain passwords for our internal use: supplier websites and other credentials used by the business (though not client credentials, which are stored in our documentation platform, IT Glue).

What happened?

In short, it appears that the attackers gained access to LastPass's systems and took copies of customers' encrypted password vaults, along with LastPass's own source code. Because they now hold a copy of the vault data itself, MFA no longer protects it: MFA guards the login to LastPass's service, not the stored vault, and there is no login step left to guard. Instead, the attackers can attack the copy offline, guessing master passwords (by brute force, dictionary attack, or by trying passwords leaked from other breaches) as fast as their hardware allows, with no lockout and no notification to the account owner. How long that takes depends on the strength of each master password and on the PBKDF2 iteration count used to derive the vault key from it; LastPass's default has been 100,100 iterations since 2018, but older accounts that were never updated could still be set to far lower counts, making them much cheaper to crack.

What is more frustrating is that the attack highlighted that LastPass does not encrypt everything it stores for you. Specifically, the website URL of each entry (and other metadata about the stored credentials) is kept in plaintext, so the attackers can see which sites and services a vault holds passwords for and concentrate their cracking effort on the most valuable vaults and entries.
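To make the offline-attack point concrete, here is an added example (it is not LastPass's code or vault format, and not from this article's author): a toy vault in which each entry's URL is stored in the clear while the credentials are encrypted under a key derived from the master password, followed by the attacker's view of the stolen copy. The key derivation is PBKDF2-HMAC-SHA256, as LastPass uses; the encryption is a stand-in HMAC-based encrypt-then-MAC construction rather than AES; the sample entries, wordlist and iteration counts are constructed for illustration. Everything runs offline with the Python standard library, which is exactly the attacker's position: no server, no MFA prompt, no lockout.

```python
"""Toy demonstration of why a stolen, encrypted vault can be attacked offline
without ever touching MFA.  Added example: the vault format below is invented
for illustration and is NOT LastPass's real format."""
import hashlib
import hmac
import json
import os
from typing import Dict, List, Optional, Tuple

ITERATIONS_MODERN = 100_100   # assumed: representative high PBKDF2 iteration count
ITERATIONS_LEGACY = 500       # assumed: representative low, never-upgraded count


def derive_key(master_password: str, salt: bytes, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA256: the only thing between the thief and the plaintext."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt, iterations, dklen=32)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy counter-mode keystream built from HMAC; a stand-in for AES in this demo."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> Dict[str, str]:
    """Encrypt-then-MAC under the vault key."""
    nonce = os.urandom(12)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return {"nonce": nonce.hex(), "ct": ct.hex(), "tag": tag.hex()}


def open_sealed(key: bytes, blob: Dict[str, str]) -> Optional[bytes]:
    """Return the plaintext, or None if the key is wrong (MAC check fails)."""
    nonce, ct, tag = (bytes.fromhex(blob[k]) for k in ("nonce", "ct", "tag"))
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        return None   # wrong key: this candidate master password is rejected
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


def build_vault(master_password: str, iterations: int, entries: List[dict]) -> dict:
    """Constructed sample vault: URL in the clear (as the page describes for
    LastPass), username and password encrypted.  KDF parameters must be readable
    by the client, so they are stored in the clear too."""
    salt = os.urandom(16)
    key = derive_key(master_password, salt, iterations)
    return {
        "kdf": {"salt": salt.hex(), "iterations": iterations},
        "entries": [
            {"url": e["url"],   # plaintext metadata visible to whoever holds the file
             "secret": seal(key, json.dumps({"username": e["username"],
                                              "password": e["password"]}).encode())}
            for e in entries
        ],
    }


def interesting_targets(vault: dict, keywords=("bank", "paypal", "github", "aws")) -> List[str]:
    """What the thief learns *before* cracking anything: which vaults/entries are worth it."""
    return [e["url"] for e in vault["entries"] if any(k in e["url"].lower() for k in keywords)]


def offline_crack(vault: dict, candidates: List[str]) -> Tuple[Optional[str], int]:
    """Offline guessing: one PBKDF2 run plus one MAC check per candidate.
    Returns (recovered master password or None, number of guesses spent)."""
    salt = bytes.fromhex(vault["kdf"]["salt"])
    iterations = vault["kdf"]["iterations"]
    probe = vault["entries"][0]["secret"]   # any one ciphertext is enough to test a guess
    tries = 0
    for cand in candidates:
        tries += 1
        if open_sealed(derive_key(cand, salt, iterations), probe) is not None:
            return cand, tries
    return None, tries


# Constructed sample data (fake credentials, fake wordlist).
SAMPLE_ENTRIES = [
    {"url": "https://news.example.com", "username": "alice", "password": "n3ws-pass"},
    {"url": "https://bank.example.com", "username": "alice", "password": "b4nk-pass"},
    {"url": "https://console.aws.example", "username": "alice@example.com", "password": "cl0ud-pass"},
]
WORDLIST = ["password", "Summer2022", "letmein", "Winter2022!", "correcthorse"]

if __name__ == "__main__":
    vault = build_vault("Winter2022!", ITERATIONS_LEGACY, SAMPLE_ENTRIES)
    print("targets visible without cracking anything:", interesting_targets(vault))
    pw, tries = offline_crack(vault, WORDLIST)
    print(f"master password recovered: {pw!r} after {tries} guesses")
    # Each guess costs one PBKDF2 run, so the iteration count scales the attacker's bill linearly.
    print(f"modern vs legacy cost per guess: {ITERATIONS_MODERN // ITERATIONS_LEGACY}x")
```

Two things to take from this: the attacker never talks to LastPass, so MFA, rate limits and login alerts play no part; and the vault's own KDF settings and the plaintext URLs are handed to them along with the ciphertext, so a weak master password on a low-iteration account with a banking URL in it is the first thing they will crack.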

Below is a brief timeline of the events. It covers LastPass's own publications about the incident, which began in the summer of 2022 and continued through to the end of the year.

Our main disappointment is that it took a long time for LastPass to provide a full account of the extent of the breach and its implications, which led to a large amount of speculation, much of which proved to be true. This was made worse by important announcements being made during the Christmas period, which in the UK is typically a holiday when people are not at work and are not following the news as they otherwise would.

What should you do?

While we have lost faith in LastPass and moved to another platform entirely (Bitwarden), that is not the only answer, nor necessarily something you must do. The most important thing to understand is that any credential stored in your LastPass vault at the time of the breach may already have been compromised, or may be in the future once the master password protecting that copy is cracked. The copy the attackers hold is a snapshot: a password changed after the theft is not in it. Therefore, the most important step you can take is to go through your accounts and change the passwords, starting with the most sensitive (email, banking, administrative and cloud consoles), change your LastPass master password, and make sure you have MFA/2FA (Multi Factor Authentication / Two Factor Authentication) set up on each account.

On the subject of MFA/2FA, many services provide backup (recovery) codes which can be used in place of a real MFA/2FA response if you lose your authenticator. If these were stored in your password manager, whether as a secure note or in the notes field of an entry, treat them as compromised: regenerate them where the service allows it, and do the same for any TOTP seeds or other recovery secrets you kept there, since an attacker who cracks the vault would then hold both factors.
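As an added example (not LastPass's or Afinite's tooling) of turning the advice above into a checklist, the script below triages a LastPass CSV export: it flags reused passwords, sensitive services, TOTP seeds kept alongside passwords, notes that look like backup or recovery codes, and plain-http URLs, then orders the entries for rotation. It goes slightly beyond the text by covering TOTP seeds as well as backup codes. The embedded export is a constructed sample with fake credentials; the column header `url,username,password,totp,extra,name,grouping,fav` is assumed to match LastPass's export format (adjust it if yours differs), and the keyword list and code-pattern regexes are illustrative heuristics, not a standard.

```python
"""Triage a LastPass CSV export to decide what to rotate first.
Added example, not LastPass's or Afinite's code.  Assumes the export header
`url,username,password,totp,extra,name,grouping,fav`."""
import csv
import io
import re
from collections import defaultdict
from typing import Dict, List, Tuple

# Constructed sample export with fake credentials, shaped like a LastPass CSV.
SAMPLE_EXPORT = """url,username,password,totp,extra,name,grouping,fav
https://bank.example.com,alice,Summer2022!,,,Bank,Finance,1
https://news.example.com,alice,Summer2022!,,,News,Personal,0
https://github.example,alice,JKl!2m9v#Qp3,JBSWY3DPEHPK3PXP,,GitHub,Work,0
https://mail.example.com,alice@example.com,Zx8$wq2Lr!9k,,"Backup codes:
4831 9920
7712 0043
1190 8834
5566 2301",Mail,Personal,1
http://supplier.example,bob,Welcome1,,,Supplier portal,Work,0
"""

# Illustrative heuristics (assumptions, tune for your own estate).
SENSITIVE = ("bank", "mail", "aws", "github", "admin", "paypal")
CODE_LINE = re.compile(r"^\s*[A-Za-z0-9]{4,8}(?:[ -][A-Za-z0-9]{4,8})+\s*$")  # e.g. "4831 9920"
CODE_HINT = re.compile(r"(backup|recovery)\s+codes?", re.I)


def parse_export(text: str) -> List[Dict[str, str]]:
    """csv handles the quoted multi-line notes field for us."""
    return list(csv.DictReader(io.StringIO(text)))


def reused_passwords(rows: List[Dict[str, str]]) -> Dict[str, List[str]]:
    """password -> names of entries sharing it (groups of two or more only)."""
    by_pw: Dict[str, List[str]] = defaultdict(list)
    for r in rows:
        if r["password"]:
            by_pw[r["password"]].append(r["name"])
    return {pw: names for pw, names in by_pw.items() if len(names) > 1}


def holds_backup_codes(note: str) -> bool:
    """A note looks like MFA backup/recovery codes if it says so, or if at
    least three of its lines are made of short code-like tokens."""
    if not note:
        return False
    if CODE_HINT.search(note):
        return True
    code_lines = sum(1 for line in note.splitlines() if CODE_LINE.match(line))
    return code_lines >= 3


def rotation_plan(rows: List[Dict[str, str]]) -> List[Tuple[int, str, List[str]]]:
    """Return (score, entry name, reasons) sorted highest risk first."""
    reused = reused_passwords(rows)
    plan = []
    for r in rows:
        reasons, score = [], 0
        if any(k in (r["url"] + " " + r["name"]).lower() for k in SENSITIVE):
            reasons.append("sensitive service")
            score += 3
        if r["password"] in reused:
            reasons.append(f"password reused across {len(reused[r['password']])} entries")
            score += 3
        if len(r["password"]) < 12:
            reasons.append("short password")
            score += 1
        if r["totp"]:
            reasons.append("TOTP seed stored beside the password: re-enrol the authenticator too")
            score += 2
        if holds_backup_codes(r["extra"]):
            reasons.append("note holds backup/recovery codes: regenerate them")
            score += 2
        if r["url"].startswith("http://"):
            reasons.append("plain-http URL")
            score += 1
        plan.append((score, r["name"], reasons))
    plan.sort(key=lambda t: (-t[0], t[1]))
    return plan


if __name__ == "__main__":
    for score, name, reasons in rotation_plan(parse_export(SAMPLE_EXPORT)):
        print(f"[{score}] {name}: {'; '.join(reasons) or 'no flags'}")
```

Run it against your own export (and then delete that export: it is your whole vault in plaintext). The point of the scoring is ordering, not precision: reused passwords and anything with a second factor stored next to the password go to the top, because those are the entries where cracking the vault hands the attacker more than one account or more than one factor.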

Attacks such as the session-cookie theft campaigns that have targeted YouTubers show that passwords themselves are often not required to gain access to systems and cause disruption: a stolen, still-valid session cookie lets an attacker step into an account that is already logged in, bypassing both the password and MFA. Rotating passwords is necessary, but it is not the whole job.

Thank You

We hope you have found this article helpful. If you have any questions about cyber security for yourself or your business, please get in touch with us via the booking form below.
