Thursday, May 5, 2011

Company Customer Database Hacked? Kicker... it's a password company!

Password management system LastPass has reset users' master passwords (1.25 million of them according to security expert Brian Krebs) as a precaution following the discovery of a possible hack attack against its systems...

The worst case scenario is that miscreants might have swiped password hashes, a development that leaves users who selected easier-to-guess passphrases at risk of brute-force dictionary attacks. Once uncovered, these login credentials might be used to obtain access to all the login credentials stored through the service, as LastPass explains in a blog post. (more)