Your passwords may be wandering wild after this hack

The password manager confirms that the encrypted passwords were stolen by hackers during an attack last August.

and happy birthday. LastPass may have uploaded a file blog post He explains his information about the hack that Password manager He was a victim this summer.

Should we worry?

While we thought the story was closed, LastPass tells us the publisher has new information to reach out about The hack whose content we reported to you a few weeks ago.

During the last point the company mentioned, we learned that the personal data had indeed been stolen but no password was part of the combination. Not anymore, 30 million users reported the password manager today.

On his blog, Karim Tuba, CEO of the company, admitted today that hackers have stolen encrypted passwords and are trying to decrypt them. But we should not worry too much, this is confirmed by the person concerned.

Basically, it is very difficult to read the encrypted content

To be more precise, hackers managed to get their hands on some users’ safe. The safe that contains in cryptographic form all passwords provided by the company’s customers. However, without the master key, known only to the user, it is impossible to access the contents of the safe.

” These secure fields are encrypted using the 256-bit AES protocol and can only be decrypted with a unique key derived from the master password that only users know. As a reminder, the master password is not known to LastPass and is not stored or operated by LastPass. Karim Tuba reassures.

So what if you were worried that you were among the people data hackers are trying to reach? Unfortunately not much. As we have seen, hackers are unlikely to be able to do anything with this unreadable data. On the other hand, it is possible for hackers to try to trick their victims by impersonating LastPass so that their victims will voluntarily give them the master password. So be especially vigilant of the sender of any email, and don’t access LastPass from a link in an email.