In August of this year LastPass suffered a hacker attack that resulted in the theft of encrypted user password backup data. As a service that promises user password security, this vulnerability falls into the serious category. LastPass says users don't need to be serious because through their encryption system, it will take hackers millions of years to guess the password of the stolen backup data.
But today Wladimir Palant a security analyst said LastPass was not transparent in reporting the seriousness of the data theft that took place. He found 14 issues in the statement published by Lastpass on their official website. For example it took hackers two months to guess the backup password instead of millions of years as claimed.
Palant added that there was negligence on the part of LastPass that caused the vulnerability to occur. To LastPass users, they are advised to change all passwords backed up through this service to ensure the security of all accounts used.
Tags
APPS & GAMES