LastPass Possibly Hacked, Cloud Security Concerns on the Rise

LastPass Possibly Hacked, Cloud Security Concerns on the Rise

Conspiracy theory admirers will be happy to hear the news that today, following Amazon’s outage and recent security breaches at Sony, cloud-based password storage and management company LastPass announced a possible successful hacker’s attack against its servers.

If you have a strong, non-dictionary-based password or pass phrase, this shouldn’t impact you – the potential threat here is brute-forcing your master password using dictionary words, then going to LastPass with that password to get your data. Unfortunately not everyone picks a master password that’s immune to brute-forcing,” the company wrote in a blog post as cited by The Register.

To counter that potential threat, we’re going to force everyone to change their master passwords. Additionally, we’re going to want an indication that you’re you, by either ensuring that you’re coming from an IP block you’ve used before or by validating your email address…We realize this may be an overreaction and we apologize for the disruption this will cause, but we’d rather be paranoid and slightly inconvenience you than to be even more sorry later,” the blog post added.

LastPass’s security experts discovered unusual behaviour of their database server with more traffic going out compared to incoming data. Therefore, company’s specialists decided that such behaviour could be signalling a hackers’ activity related to siphoning out stored login credentials and other sensitive user data. The company decided to reset user master passwords in an attempt to protect customers from possible data leakage.
Actually, the web-based password-management company did not confirm that any sensitive user data have been stolen until now but chances are great that following unusual database server activity some users might witness their master passwords compromised. Master passwords are passwords that protect lists of passwords used to access other websites and online services in the cloud.

The company already announced it will enhance encryption algorithms used in protecting customers’ data and will introduce additional measures to secure sensitive data on its servers. LastPass’s experts are rumoured to suspect the hackers took advantage of the company’s VoIP service to get access to the company’s database and start extracting data. However, just a small amount of data had been extracted, so LastPass users should not be over-reacting to the news.

LastPass had experienced similar problems in the past with users not being affected by data leakage at the time of the previous security breach. Alarmingly, such accidents are becoming a routine in 2011 rising serious doubts whether users should take cloud security for granted. Both large corporations and start-up cloud companies experience the same kind of security problems, resembling past accidents that have troubled corporate and individual customers in the past. One would say that hackers’ activity is subject to the same fundamental factors that drive the stock market cycles unless global recession increasing number of hacking attempts are developing concurrently.

Obviously, tech community members should re-think their vision on cloud security and how these problems should be resolved.

By Kiril Kirilov

Sorry, comments are closed for this post.

Comics
Maintaining Network Performance And Security In Hybrid Cloud Environments

Maintaining Network Performance And Security In Hybrid Cloud Environments

Hybrid Cloud Environments After several years of steady cloud adoption in the enterprise, an interesting trend has emerged: More companies are retaining their existing, on-premise IT infrastructures while also embracing the latest cloud technologies. In fact, IDC predicts markets for such hybrid cloud environments will grow from the over $25 billion global market we saw…

The Cancer Moonshot: Collaboration Is Key

The Cancer Moonshot: Collaboration Is Key

Cancer Moonshot In his final State of the Union address in January 2016, President Obama announced a new American “moonshot” effort: finding a cure for cancer. The term “moonshot” comes from one of America’s greatest achievements, the moon landing. If the scientific community can achieve that kind of feat, then surely it can rally around…

Beacons Flopped, But They’re About to Flourish in the Future

Beacons Flopped, But They’re About to Flourish in the Future

Cloud Beacons Flying High When Apple debuted cloud beacons in 2013, analysts predicted 250 million devices capable of serving as iBeacons would be found in the wild within weeks. A few months later, estimates put the figure at just 64,000, with 15 percent confined to Apple stores. Beacons didn’t proliferate as expected, but a few…

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

DDoS Attacks October 21st, 2016 went into the annals of Internet history for the large scale Distributed Denial of Service (DDoS) attacks that made popular Internet properties like Twitter, SoundCloud, Spotify and Box inaccessible to many users in the US. The DDoS attack happened in three waves targeting DNS service provider Dyn, resulting in a total of about…

Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

There is a Difference – So Stop Comparing We are all familiar with the old saying “That’s like comparing apples to oranges” and though we learned this lesson during our early years we somehow seem to discount this idiom when discussing the Cloud. Specifically, IT buyers often feel justified when comparing the cost of a…

Cloud-Based or On-Premise ERP Deployment? Find Out

Cloud-Based or On-Premise ERP Deployment? Find Out

ERP Deployment You know how ERP deployment can improve processes within your supply chain, and the things to keep in mind when implementing an ERP system. But do you know if cloud-based or on-premise ERP deployment is better for your company or industry? While cloud computing is becoming more and more popular, it is worth…

Disaster Recovery – A Thing Of The Past!

Disaster Recovery – A Thing Of The Past!

Disaster Recovery  Ok, ok – I understand most of you are saying disaster recovery (DR) is still a critical aspect of running any type of operations. After all – we need to secure our future operations in case of disaster. Sure – that is still the case but things are changing – fast. There are…

Cloud Security Risks: The Top 8 According To ENISA

Cloud Security Risks: The Top 8 According To ENISA

Cloud Security Risks Does cloud security risks ever bother you? It would be weird if it didn’t. Cloud computing has a lot of benefits, but also a lot of risks if done in the wrong way. So what are the most important risks? The European Network Information Security Agency did extensive research on that, and…

5 Things To Consider About Your Next Enterprise Sharing Solution

5 Things To Consider About Your Next Enterprise Sharing Solution

Enterprise File Sharing Solution Businesses have varying file sharing needs. Large, multi-regional businesses need to synchronize folders across a large number of sites, whereas small businesses may only need to support a handful of users in a single site. Construction or advertising firms require sharing and collaboration with very large (several Gigabytes) files. Financial services…