Threat Watch Alert
Havoc Shield has identified a recent security threat. Refer below for the latest vulnerabilities along with recommended action steps
Security Threat: On December 22, 2022, online password management service LastPass revealed that hackers had obtained extensive information from user accounts such as billing and email addresses, end-user names, telephone numbers, and IP address info.
- Threat actors were able to copy a backup of customer vault data
- Even if you have used LastPass in the past and haven’t deleted your account, you could be susceptible.
- Copied data included both unencrypted and fully encrypted vault information. Where encrypted items can only be accessed using your master password.
- If you have a strong master password, it is likely that the threat actors cannot access your encrypted data (i.e. passwords, credit cards, 2FA)
What to do now:
For those who believe they have been compromised, we suggest changing all passwords for your credentials stored inside of LastPass. Along with that, Havoc Shield offers a password manager, Keeper, as part of their toolset. If you want to save money, protect your information, and upgrade your password manager, click the module below to roll out the Keeper password manager to your team now: