Following multiple reports from users of the popular password manager LastPass about unauthorized login attempts to their accounts, the company behind the platform now claims that no passwords were compromised and that all data remains “protected and secure.”
Earlier this week, a post on the Hacker News forum mentioned an unrecognized login attempt on a LastPass account. According to the report, the LastPass system identified the attempt from Brazil and warned that the login was made using the account’s master password.
In the next few hours, several other users reported similar issues with login attempts from different countries. Other users have shared on Twitter their reports of unauthorized login attempts to their LastPass accounts.
While users were understandably concerned about a possible password leak, one of the executives at LogMeIn (the company that owns LastPass) told The Verge that the alerts came from “bot-related activity” using email addresses and passwords from past breaches obtained by third-party services.
The company also said in the statement that it is constantly monitoring suspicious activity and that users shouldn’t be worried as there’s no evidence that any accounts were successfully accessed by attackers.
“It’s important to note that we do not have any indication that accounts were successfully accessed or that the LastPass service was otherwise compromised by an unauthorized party,” Basco-Albaum said. “We regularly monitor for this type of activity and will continue to take steps designed to ensure that LastPass, its users, and their data remain protected and secure.”
If you’re a LastPass user, there are a few things you can do to prevent someone from accessing your account, such as enabling multi-factor authentication to verify your identity before a login attempt. More details about multi-factor authentication can be found on the LastPass website.
FTC: We use income earning auto affiliate links. More.
Comments