Threat Watch: LastPass Password Manager Data Breach

Threat Watch Alert

Havoc Shield has identified a recent security threat. Refer below for the latest vulnerabilities along with recommended action steps

Security Threat: On December 22, 2022, online password management service LastPass revealed that hackers had obtained extensive information from user accounts such as billing and email addresses, end-user names, telephone numbers, and IP address info.

Additional Details 

• Threat actors were able to copy a backup of customer vault data
• Even if you have used LastPass in the past and haven’t deleted your account, you could be susceptible.
• Copied data included both unencrypted and fully encrypted vault information. Where encrypted items can only be accessed using your master password. 
• If you have a strong master password, it is likely that the threat actors cannot access your encrypted data (i.e. passwords, credit cards, 2FA)
  
  

What to do now:

For those who believe they have been compromised, we suggest changing all passwords for your credentials stored inside of LastPass. Along with that, Havoc Shield offers a password manager, Keeper, as  part of their toolset. If you want to save money, protect your information, and upgrade your password manager, click the module below to roll out the Keeper password manager to your team now:

Password Manager:  

Invite your team to join a password manager in Keeper. This will allow your team a central hub to store, share, and protect all company related credentials. Once you roll out the password manager all team members will be invited and reminded on a weekly basis. Ensure that they take action to accept the invitation.

How do I use Keeper’s Password Manager? The password manager is an easy to use highly protected password manager that allows you to store you passwords in a central secure location. To go with their easy to use platform, Keeper provides handcrafted video walkthroughs. Should you have any additional questions, our support team is waiting to help! Simply reply to this email with your specific questions. 

Free Personal Keeper Account with Havoc Shield:

Along with that, each Keeper business account gets a free personal account. For access to a personal keeper account, simply login to your vault and click you email at the top right. Under Account > Subscription, there will be a blue box for you to get instant access to a Family license. For more information review keepers instructions.

Who is Havoc Shield?

Havoc Shield's Cybersecurity portal will provide you business grade cybersecurity tools strengthening your security posture. Within the platform you can roll out tools like:

• Endpoint Threat Protection
• OS and Software Patching
• Computer Policy Management
• Password Manager
• Vulnerability Scanning
• Vendor Risk Register
• Asset Inventory
• And more...

Where can I get started? 

• Sign up for a free 14 day trial for immediate access to our cybersecurity platform and portfolio of best in class cybersecurity tools.
• Ready to upgrade your account? Reply directly to this email with any questions or book a meeting
• Don’t have the bandwidth to roll out Havoc Shield’s cybersecurity tools? Consider upgrading to our Managed Plan. As part of the managed plan, our team rolls out all cyber tools across your fleet as part of a white glove implementation. If interested in upgrading, simply reply to this email for more information.