![]() “Our investigation has since found that some of these security alerts, which were sent to a limited subset of LastPass users, were likely triggered in error,” Gabor Angyal, senior director of engineering at LasPass, explains. We quickly worked to investigate this activity and, at this time, have no indication that any LastPass accounts were compromised by an unauthorized third-party as a result of these credential stuffing attempts, nor have we found any indication that user’s LastPass credentials were harvested by malware, rogue browser extensions, or phishing campaigns.įollow up work by the cloud-based password management service suggest that the blocked password email notification surge was the result of a glitch in the system rather than any malicious activity. In a blog post yesterday (December 28), LastPass said early results of its investigation revealed no evidence that any of its users’ accounts had been hacked or otherwise compromised. ![]() The tactic relies on the insecure habit among all too many consumers of using the same password and login combination on multiple sites. When LastPass noticed an unexpected rise in the occurrence of blocked access emails it initially suspected that it could be the resulted of a “credential stuffing” attack.Ĭatch up with the latest password security news and analysisĬredential stuffing attacks involve attempts to gain access to targeted accounts using email addresses and passwords obtained from third-party breaches. Users in receipt of these emails are invited to go to a link in order to confirm that the attempted login was valid. The emailed notifications to a pre-registered email address would normally follow attempts to log in from a different browser version, device, or location. LastPass has launched an investigation following a recent surge in blocked login attempts. Password vault investigation reveals no evidence of credential stuffing activity
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |