While the LastPass data breaches initially began in August of 2022, impact continues to make headlines. Most recently, information stolen from LastPass is being linked to mass cryptocurrency thefts totaling in the tens of millions.
The data breach incident(s) resulted in the potential leak of over 30 million customers’ credentials–and the extent of damage is still being uncovered. Let’s remember how this happened: Hackers used keylogging software to gain access to an employee’s home computer in August 2022, and were able to use the information they stole to access the LastPass vault. Then, in December 2022, another attack occurred that exacerbated the leak.
Initially, LastPass indicated that personal information of users had not been compromised. However, it was later discovered that the hackers had been successful in gaining access to unencrypted vault-stored data, including personally identifiable customer information linked to various accounts.
LastPass users before August 2022 are at risk of being impacted by the data breach. LastPass has informed customers of the incident, and updated their status page as new facets unfold.
To date, at least 30 million LastPass user identifiers were exposed to hackers.
Because hackers gained access to encryption keys, they were able to crack into protected credentials stored within the LastPass vault. In addition to customer passwords and end usernames, the following data may have also been compromised:
The data involved in the LastPass data breach poses a serious risk to personal accounts due to the nature of the LastPass product itself. Anyone impacted should act quickly to secure their Personally Identifiable Information and user credentials to prevent any further damage.
Cloaked can offer you a secure password and identity manager that goes above and beyond in securing the information of every customer. Each person who creates an account receives their own personal encrypted database that only they can access. This means that your data would remain protected, even in the event of a data breach. In addition to this, you’re further protected due to the use of separate credentials for each merchant you interact with. So, if one company you have an account with is hacked, simply deleting the Cloaked identity is all that’s required. There is no risk of further data leakage.
Click here to get started today.