News
Tanium comments on LastPass security breach
December 2022 by Chris Vaughan, Area Vice President of Technical Account Management for EMEA at Tanium
The comment from Chris Vaughan from which reacts to the news that password management company LastPass has been breached.
It’s concerning to hear that LastPass has experienced another security incident following a previous one that was made public back in August. The attack involved source code and technical information being taken from unauthorised access to a third-party storage service the company was using.
The new breach is more severe because customer information has been accessed, which wasn’t the case previously. The intruder has done this by leveraging data exposed in the previous incident to gain access to the LastPass IT environment. The company says that passwords remain safely encrypted and that it is working to better understand the scope of the incident and identify exactly what data has been taken. You can bet that the IT security team is working around the clock on this and their visibility of the network and the devices being connected to it will be severely tested. Most organisations don’t have full visibility, which can make it very difficult in the aftermath of a breach to analyse what damage has been done and where the attacker’s entry point was.
Password managers are a challenging but attractive target for a threat actor, as they can potentially unlock a treasure trove of access to accounts and sensitive customer data in an instant if they are breached. However, I believe that the benefits of using a secure password management solution often far outweigh the risks of a potential breach. When layered with the other security recommendations, it’s still one of the best solutions to prevent credential theft and associated attacks. We just have to hope that customer confidence has not been impacted too much by these recent attacks.
LastPass customers should continue to monitor the website and official communications for new guidance. If the breach expands, then users should consider evaluating their security posture. This could involve proactively rotating passwords or temporarily using another password manager. I would also encourage everyone to use multi-factor authentication for their password management solution, this extra layer of security can be vital when breaches occur.
