The bad news about LastPass data breach keep getting worse

Posted on: March 24, 2023 | Written by: Kyle Alm

Sharing is caring!

If you haven’t heard the news about Lastpass there is a reason, and it’s time to switch password managers.

A product we have recommended to our clients for over ten years has experienced a major slip up recently, and compounded their security missteps with a ham handed attempt to cover up what they had done to their user’s security. The response to the security breach is what is the cause of this change in recommendation. If you were impacted by the Lastpass breach because we recommended it, we apologize for your inconvenience. We experienced it first hand and changed hundreds of passwords (just in case).

Some of it isn’t *entirely* their fault. Their employee had their home broken into, I feel bad for them on a personal level, and I understand that these things happen. The employee may or may not have been targeted for the vault. Having a server breached and password vaults taken, that’s a bit worse, especially for a security company it shows a lack of expertise and ignoring threats. Not disclosing that this happened was surprising to say the least. Normally there are emails from Lastpass warning about minor security issues, but I don’t recall seeing an email from them warning me that this happened.

 

Security Minus Trust

Security Companies and products should feel a greater sense of accountability to the public. We have taken issue in the past with antivirus and VPN companies have sold their users data to marketing companies, and we feel that Lastpass You can look at Wordfence’s recent example of making threat data public to see a good example of community. LastPass allegedly tried to hide their company updates about the breached password vaults with noindex tags.

You can’t keep bad news out of Google with a noindex tag. Other outlets covered the story and made it even more outrageous. A recent corporate ownership takeover was brought up a lot, ownership has changed hands again, but improvements within Lastpass were few and far between before that. After switch to 1password Lastpass just started to look really old and clunky. 1Password has been worth it so far, and a password manager is a real necessity until passwords are a thing of the past.

 

What Now?

We take our recommendations seriously, and we want to be diligent about cybersecurity. Security requires trust and vigilance. You don’t get to take days off and you can’t get caught misrepresenting the facts of the matter. We apologize for any inconvenience and hope your accounts are all still secure. Export your passwords to 1password this week if you haven’t already.

 

About the author:

Kyle Alm SEO Bandwagon Kyle Alm is an SEO Expert and Digital Marketing Strategist founded SEO Bandwagon in 2009 and has established a track record of success a decade long amounting to dozens of websites created, hundreds of pages optimized, thousands of leads generated, and millions of dollars in revenue generated for SEO Bandwagon and our clients. Kyle graduated from Central Washington University with a Bachelor’s in Political Science and a Bachelor’s in Public Policy. Political campaigns probably isn’t how most marketing consultants get started, but the parallels are there. Selecting a universe of households to target with a message and maximizing a budget for direct mail and other forms of outreach does sound a lot more like traditional marketing.  

Leave a Reply

Your email address will not be published. Required fields are marked *