![]() This precautionary measure is seen as vital, despite the inconvenience it may cause. He advises changing all passwords and migrating any exposed cryptocurrency holdings to safer platforms. He urged LastPass users to take immediate action. Nick Bax, head of analytics at crypto wallet improvement firm Unciphered, has echoed the concerns raised by Monahan in an interview with KrebsOnSecurity. Users and security experts await further clarification on this matter. However, the company has not addressed the potential connection between the two breaches and the reported cryptocurrency thefts. In a statement to The Verge, LastPass CEO Karim Toubba has confirmed that the November 2022 data breach is the subject of an ongoing investigation by law enforcement and is also tied to pending litigation. LastPass's response and ongoing investigations The question remains whether any of the stolen password vaults have been successfully cracked open, granting cybercriminals access to sensitive information. LastPass, a popular password guidance service, faced two well-documented data breaches in August and November of 2022.ĭuring the second breach, hackers gained access to shared cloud storage containing customer encryption keys for vault backups. The stolen funds were traced to the same blockchain addresses, further cementing the connection between the victims and the LastPass security breaches. In the hackernoon article above, he states that the values starting with a '' are encrypted. Researchers, including Taylor Monahan from MetaMask, have identified a common thread among the victims of cryptocurrency theft: they had previously used LastPass to store their "seed phrases."Ī seed phrase is a crucial cryptographic key required to access cryptocurrency investments, often stored securely on encrypted services like password managers. In the Request tab, you will see all the parameters sent by the request, in particular 'name' 'extra' 'grouping' 'url' 'username' 'password and possibly 'hexName' (for Secure Notes). The link between LastPass and cryptocurrency heists In a shocking revelation, it has been reported that over 150 victims of crypto theft have had their LastPass password vaults compromised, resulting in the theft of over $35 million (nearly Rs. Security experts are sounding the alarm as they uncover a concerning connection between a series of cryptocurrency heists and the 2022 LastPass data breaches. Septem| 05:52 pm 2 min read LastPass experienced two significant data breaches in August and November last year (Photo credit: LastPass)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |