Key Points:
The customer’s vault was cloned with all of their information, Lastpass has also confirmed, the company said in a statement on December 23. When thieves gained access to some information on source codes from Lastpass’ development department, data theft took place. Another employee was the target of stealing source codes, and they could obtain passwords and keys to open Lastpass’s cloud-based storage volumes.
Encrypted vaults belonging to some clients were also taken. Each customer who uses the LastPass service stores their website passwords in these vaults. Fortunately, the vaults have a Master Password that encrypts them, preventing the intruder from reading them.
The company’s statement underlines the use of cutting-edge encryption by the service, which makes it incredibly challenging for an attacker to view vault files without the Master Password.
“These encrypted fields remain secured with 256-bit AES encryption and can only be decrypted with a unique encryption key derived from each user’s master password using our Zero Knowledge architecture. As a reminder, the master password is never known to LastPass and is not stored or maintained by LastPass.”
Despite this, LastPass acknowledges that if a user has chosen a weak Master Password, an attacker may be able to use brute force to guess it, decrypt the vault, and obtain all of the user’s website passwords.
The LastPass attack proves a point that Web3 developers have argued for years: blockchain wallet logins should take the place of the conventional username and password login mechanism.
As Coincu reported, ConsenSys updated its privacy policy following the Uniswap. Infura will gather the user’s IP data and Ethereum wallet address when they send a transaction when they utilize Infura as the default RPC provider in the MetaMask wallet.
This makes the community angry because their information will be revealed, and it can be said that decentralization is gradually disappearing from MetaMask. Immediately, ConsenSys responded to users that they only collect data when users make transactions.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Website: coincu.com
Harold
Coincu News
Discover the best cryptos to buy and hold today: Qubetics leads with 1000x potential, Ethereum…
With the platform facing a cracked whip, Trump Media company is expanding into new business…
Major crypto firms, including Ripple, Kraken, and Circle, are competing for spots on President-elect Donald…
Analysts highlight a breakout alert as Shiba Inu (SHIB), and Dogecoin show signs of recovery…
SEC Chair Gary Gensler will step down on January 20, 2025, coinciding with President-elect Donald…
The MicroStrategy convertible notes offering, initially set at $1.75 billion, was increased to $2.6 billion…
This website uses cookies.