Metacurity

Share this post

LastPass Confirms Credential Stuffing Attempts But Says No Accounts Have Been Compromised

metacurity.substack.com

LastPass Confirms Credential Stuffing Attempts But Says No Accounts Have Been Compromised

Apache releases another Log4j version to fix a new flaw, T-Mobile suffered another, smaller data breach, Movie piracy app clones on Samsung store can infect phones with malware, much more

Cynthia Brumfield
Dec 29, 2021
∙ Paid
1
Share

Password keeper LastPass confirmed that some of its users had been subject to credential stuffing attacks but said it had no indication that any accounts had been compromised or any LastPass credentials were harvested by malware, rogue browser extensions, or phishing campaigns.

A spokesperson for parent company LogMeIn said that it would continue to investigate what was causing automated security alert e-mails to be triggered from its systems. He also said that some of the security alerts sent to a limited subset of LastPass users were likely triggered in error. As a result, LastPass adjusted its security alert systems, and the issue has since been resolved. (Sergiu Gatlan / Bleeping Computer)

Related: Apple Insider, Android Police, Security News | Tech Times, Reddit, Gizmodo, LastPass, Reddit, Slashdot, iPhone in Canada Blog, The Verge, MobileSyrup.com, Ubergizmo, Input, Cyber Kendra, protocol, DataBreaches.net, Security Affairs, Silicon Angle, The Register - Security, The Record by R…

Keep reading with a 7-day free trial

Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
Previous
Next
© 2023 DCT Associates
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing