![]() ![]() ![]() LastPass investigated recent reports of blocked login attempts and determined the activity is related to fairly common bot-related activity, in which a malicious or bad actor attempts to access user accounts (in this case, LastPass) using email addresses and passwords obtained from third-party breaches related to other unaffiliated services. We reached out to LastPass owner LogMeIn with these reports, and the company states, ![]() According to the emails these people have received, LastPass tells them that the correct master passwords were used, but that the attempts were still blocked due to the unusual geographic location. While that’s bad enough for those affected, LastPass says that there is no indication that their servers were hacked, instead pointing to "third-party breaches related to other unaffiliated services." It looks like a coordinated attack can also be ruled out, with LastPass saying that a few of its recent login warnings were sent out in error.ĪppleInsider first spotted the reports in the Hacker News forum, where multiple users write that LastPass informed them about blocked login attempts originating from other parts of the world, mostly Brazil. Now, a few reports have popped up with people saying that there were login attempts using their correct master passwords. LastPass may be one of the best-known password managers out there, and while many have turned their back on it following what was effectively the shutdown of its free tier in 2021, it’s still a popular choice.
0 Comments
Leave a Reply. |