On August 25th, LastPass sent an open notice to all of its customers, notifying them of a serious security breach in its systems. In short, the notice says that two weeks earlier LastPass noticed unusual behavior within its development environment. The company believes that a LastPass developer’s account had been compromised, leading to portions of some source code and proprietary LastPass technical information being lost.
LastPass was quick to note that it does not believe any customer data was accessed or any encrypted vaults were compromised. LastPass further stated that it has achieved a state of containment, has implemented further security controls, and does not believe there is any further threat of unauthorized activity.
How to Protect Your Data From Similar Intrusion Incidents
Although LastPass does not recommend that its customers take any action, it’s always important to verify that your data is protected and to mitigate the risk of cyber intrusion. Cybercrime is big business in today’s world, and in 2022 the cybercrime space is expected to surpass $20 billion in stolen revenue from targeted ransomware attacks alone.
By following some standard security steps that are easy to remember, you can keep your data and accounts safe from attacks like those that affected LastPass.
- Use Two-Factor Authentication – Multi-Factor Authentication, also known as 2-Factor Authentication (2FA), is a security protocol that is becoming increasingly available on just about any account you can sign into online. 2FA uses codes that are generated and refreshed after a certain period of time. These codes are linked to online accounts such as your bank account login and email login, and even LastPass offers an option to enable 2FA. When you log in to your account, you are required to enter the matching code from your phone to ensure that it’s actually you signing in, and not someone who hacked your account. 2FA has started to become a standard option for most accounts you can log in to online, so it’s recommended that you check whether any of your current web accounts offer this option.
- Improve Password Strength – There are some useful techniques for creating a password that help you remember it while making it more difficult for a hacker to guess. Using a set of words or a phrase that you can easily remember, followed by a number like an important year or date and a special character like the exclamation point (!) or right caret ( > ), can help make your password more secure and easier to remember. You can also generate strong passwords using tools like LastPass.
- Update Your Passwords Frequently – Passwords are among the most sought-after pieces of data mined and exchanged by the cybercriminal industry. Companies sell databases of known passwords that hackers incorporate into their tools to break into accounts like yours. It is best practice to update your passwords frequently and not to use the same password across multiple accounts, and it helps to use a secure password keeper like RoboForm, or indeed LastPass.
No matter how secure your password may be, it’s always wise to take further steps to mitigate the risks of intrusion. Ensuring that your data is backed up at multiple secure levels, that devices and software are patched effectively, and that staff and team members are trained on proper security protocols, like spotting phishing scams, can help prevent the next data breach that could affect you.
Natural Networks offers customers multiple layers of protection, including dark web tracking with Dark Cubed, 24/7 device monitoring, patch management, and more. If you’re interested in learning more about how Natural Networks can manage your IT and data security adherence, give us a call today!