A Break In To LastPass’ Vault

Much Safety, So Security

As the quote from Lastpass and Bleeping Computer reads, “some of the stolen vault data is “safely encrypted“.  That is good news for the customers of Lastpass who have to hear there has been a second breach of the company this year.   This time the unencrypted data that was snatched includes company names, end-user names, billing addresses, email addresses, telephone numbers, and the IP address you last hit their servers from.

On the plus side your username, passwords, secure notes, attachments, and form-fill fields are fully AES-256 encrypted so there is little chance they will be truly compromised and your master password is not stored by Lastpass.  With all the information stolen the dastardly nogoodniks could pick up a powerful GPU to try to brute force your master password but even with an NVIDIA Tesla it will take a very long time to accomplish.

Merry Christmas? 

Leave a Reply