LastPass Possibly Hacked, Cloud Security Concerns on the Rise

LastPass Possibly Hacked, Cloud Security Concerns on the Rise

Conspiracy theory admirers will be happy to hear the news that today, following Amazon’s outage and recent security breaches at Sony, cloud-based password storage and management company LastPass announced a possible successful hacker’s attack against its servers.

If you have a strong, non-dictionary-based password or pass phrase, this shouldn’t impact you – the potential threat here is brute-forcing your master password using dictionary words, then going to LastPass with that password to get your data. Unfortunately not everyone picks a master password that’s immune to brute-forcing,” the company wrote in a blog post as cited by The Register.

To counter that potential threat, we’re going to force everyone to change their master passwords. Additionally, we’re going to want an indication that you’re you, by either ensuring that you’re coming from an IP block you’ve used before or by validating your email address…We realize this may be an overreaction and we apologize for the disruption this will cause, but we’d rather be paranoid and slightly inconvenience you than to be even more sorry later,” the blog post added.

LastPass’s security experts discovered unusual behaviour of their database server with more traffic going out compared to incoming data. Therefore, company’s specialists decided that such behaviour could be signalling a hackers’ activity related to siphoning out stored login credentials and other sensitive user data. The company decided to reset user master passwords in an attempt to protect customers from possible data leakage.
Actually, the web-based password-management company did not confirm that any sensitive user data have been stolen until now but chances are great that following unusual database server activity some users might witness their master passwords compromised. Master passwords are passwords that protect lists of passwords used to access other websites and online services in the cloud.

The company already announced it will enhance encryption algorithms used in protecting customers’ data and will introduce additional measures to secure sensitive data on its servers. LastPass’s experts are rumoured to suspect the hackers took advantage of the company’s VoIP service to get access to the company’s database and start extracting data. However, just a small amount of data had been extracted, so LastPass users should not be over-reacting to the news.

LastPass had experienced similar problems in the past with users not being affected by data leakage at the time of the previous security breach. Alarmingly, such accidents are becoming a routine in 2011 rising serious doubts whether users should take cloud security for granted. Both large corporations and start-up cloud companies experience the same kind of security problems, resembling past accidents that have troubled corporate and individual customers in the past. One would say that hackers’ activity is subject to the same fundamental factors that drive the stock market cycles unless global recession increasing number of hacking attempts are developing concurrently.

Obviously, tech community members should re-think their vision on cloud security and how these problems should be resolved.

By Kiril Kirilov

Sorry, comments are closed for this post.


CloudTweaks Sponsors - Find out more!

Popular

Top Viral Impact

Cloud Computing Adoption Continues

Cloud Computing Adoption Continues

Cloud Computing Adoption Continues Nowadays, many companies are changing their overall information technology strategies to embrace cloud computing in order to open up business opportunities.  There are numerous definitions of cloud computing. Simply speaking, the term “cloud computing” comes from network diagrams in which cloud shapes are  used to describe certain types of networks. All…

Cloud Infographic: Cloud Public, Private & Hybrid Differences

Cloud Infographic: Cloud Public, Private & Hybrid Differences

Many people have heard of cloud computing. There is however a tremendous number of people who still cannot differentiate between Public, Private & Hybrid cloud offerings.  Here is an excellent infographic provided by the group at iWeb which goes into greater detail on this subject. Infographic source: iWeb About Latest Posts kiril Latest posts by…

Cloud Infographic – The Power Of Cloud Disaster Recovery

Cloud Infographic – The Power Of Cloud Disaster Recovery

Cloud Infographic – The Power Of Cloud Disaster Recovery Preventing a Cloud Disaster is one thing. Recovering from a disaster is a whole other area of concern. Today’s infographic provided by CloudVelox outlines some best practices and safeguards in order to help your business make more informed decisions. About Latest Posts kiril Latest posts by…

Cloud Infographic: Disaster Recovery

Cloud Infographic: Disaster Recovery

Cloud Infographic: Disaster Recovery  Business downtime can be detrimental without a proper disaster recovery plan in place. Only 6% of businesses that experience downtime without a plan will survive long term. Less than half of all businesses that experience a disaster are likely to reopen their doors. There are many causes of data loss and…


Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

You can help continue to support our community by social sharing, sponsoring, partnering or contributing to this great educational resource.

Contact

CloudTweaks Media
Phone: 1 (212) 763-0021
contact@cloudtweaks.com

Join our newsletter