LastPass Possibly Hacked, Cloud Security Concerns on the Rise

LastPass Possibly Hacked, Cloud Security Concerns on the Rise

Conspiracy theory admirers will be happy to hear the news that today, following Amazon’s outage and recent security breaches at Sony, cloud-based password storage and management company LastPass announced a possible successful hacker’s attack against its servers.

If you have a strong, non-dictionary-based password or pass phrase, this shouldn’t impact you – the potential threat here is brute-forcing your master password using dictionary words, then going to LastPass with that password to get your data. Unfortunately not everyone picks a master password that’s immune to brute-forcing,” the company wrote in a blog post as cited by The Register.

To counter that potential threat, we’re going to force everyone to change their master passwords. Additionally, we’re going to want an indication that you’re you, by either ensuring that you’re coming from an IP block you’ve used before or by validating your email address…We realize this may be an overreaction and we apologize for the disruption this will cause, but we’d rather be paranoid and slightly inconvenience you than to be even more sorry later,” the blog post added.

LastPass’s security experts discovered unusual behaviour of their database server with more traffic going out compared to incoming data. Therefore, company’s specialists decided that such behaviour could be signalling a hackers’ activity related to siphoning out stored login credentials and other sensitive user data. The company decided to reset user master passwords in an attempt to protect customers from possible data leakage.
Actually, the web-based password-management company did not confirm that any sensitive user data have been stolen until now but chances are great that following unusual database server activity some users might witness their master passwords compromised. Master passwords are passwords that protect lists of passwords used to access other websites and online services in the cloud.

The company already announced it will enhance encryption algorithms used in protecting customers’ data and will introduce additional measures to secure sensitive data on its servers. LastPass’s experts are rumoured to suspect the hackers took advantage of the company’s VoIP service to get access to the company’s database and start extracting data. However, just a small amount of data had been extracted, so LastPass users should not be over-reacting to the news.

LastPass had experienced similar problems in the past with users not being affected by data leakage at the time of the previous security breach. Alarmingly, such accidents are becoming a routine in 2011 rising serious doubts whether users should take cloud security for granted. Both large corporations and start-up cloud companies experience the same kind of security problems, resembling past accidents that have troubled corporate and individual customers in the past. One would say that hackers’ activity is subject to the same fundamental factors that drive the stock market cycles unless global recession increasing number of hacking attempts are developing concurrently.

Obviously, tech community members should re-think their vision on cloud security and how these problems should be resolved.

By Kiril Kirilov

About Kiril Kirilov

Kiril V. Kirilov has covered IT and business and finance topics as a full-time journalist and freelance writer for over two decades. His other fields of expertise include content strategy and content marketing, as well as all business aspects of technology industry trends.

Health Cloud Capabilities ORLANDO, FL. - 20 Feb 2017: At the 2017 Health Information Management Systems Society (HIMSS) conference in Orlando, IBM (NYSE: IBM) today introduced expanded capabilities for the Watson Platform for Health Cloud and a specialized Watson Health Consulting Services unit dedicated to helping clients and partners across the healthcare ecosystem capture the business opportunity of cognitive computing ...
Read More
Philips spotlights connected technology, predictive analytics software, and artificial intelligence advancing population health and precision medicine at HIMSS 2017 AMSTERDAM, Feb. 17, 2017 /PRNewswire/ -- Featuring new and enhanced connected health offerings at the 2017 HIMSS Conference & Exhibition (HIMSS17), Royal Philips (NYSE: PHG,AEX: PHIA), a global leader in health technology, will showcase a broad range of population health management, ...
Read More
Cupertino, California — Apple today announced its 28th annual Worldwide Developers Conference (WWDC) — hosting the world’s most talented developer community — will be held at the McEnery Convention Center in San Jose. The conference, kicking off June 5, will inspire developers from all walks of life to turn their passions into the next great innovations and apps that customers ...
Read More
When Cisco Systems Inc. reports earnings Wednesday, the big question will be if the networking giant’s repeated gambles on software can reverse a yearlong sales slide, or at least point to a reversal of that trend in the future. Cisco CSCO, +1.06%  is scheduled to report fiscal second-quarter earnings less than a month after announcing its latest multibillion-dollar software acquisition, ...
Read More
Offering Integrated and Automated Solutions, Expansive Partner Ecosystem, Advanced Architecture with Cross-Industry Collaboration SAN FRANCISCO, Feb. 14, 2017 – Today Intel Security outlined a new, unifying approach for the cybersecurity industry that strives to eliminate fragmentation through updated integrated solutions, new cross-industry partnerships and product integrations within the Intel Security Innovation Alliance and Cyber Threat Alliance (CTA). “Transforming isolated technologies ...
Read More