The leading password manager- LastPass, laments as cybercriminals jeopardized its system security for a second time this year, stealing customer password vaults. The recent data breach is linked to August incidences whereby the intruders obtained source codes and technical data recently utilized in getting customers’ data.
Hackers Eyes LastPass Customer Password Vault Data
The December 22 notice issued by Karim Toubba, LastPass CEO, ascertains that the earlier data breach failed to compromise customers’ data. The hackers only obtained technical information to attack employees’ devices to get keys to customers’ data in cloud storage. Presently, hackers are in the hands of unencrypted customer data, including billing addresses, user names, and customers’ personal information.
Besides the unencrypted data, the hackers stole some encrypted customers’ vault data, such as customers’ website passwords. The recent development by LastPass safeguards the encrypted customer’s vaults through Master passwords that prevent intruders from reading them.
A notable development in cyber security is witnessed as LastPass assures the customers that the firm utilizes state-of-the-art encryption. Its use prevents intruders from reading vault files unless unlocked using a master password known to the customer only.
However, customers with weak master passwords are vulnerable to intrusion activities since the system allows multiple password attempts that encourage hackers to guess passwords forcefully.
Will Web3 Development Deter Cyber-Related Crimes?
Despite the efforts made by password managers to improve conventional safety measures, hackers are getting smarter in executing their breaches. Meanwhile, traditional passwords and usernames need to be replaced with blockchain wallets that safeguard users from cyber crimes.
Undeniably, traditional passwords are considered insecure due to overdependence on cloud storage that is prone to unauthorized access by a third party.
The traditional password system subjects users to utilize the given password on multiple websites. Once the given password is stolen, it fuels breaching other passwords leading to ethical concerns. As a result, LastPass’ immunity to cyber-related crimes will prove effective for a short time. However, ongoing improvements to its security are necessary.
Besides LastPass’s development to halt cyber -crimes, the recent development in Web3 uniquely resolves cyber-related crimes. The Web3 developers have designed browser extension wallets that correspond to Metamask and Trustwallet that the user utilizes in login through a cryptographic signature. Notably, the Web3 developments minimize passwords and reduce over-reliance on cloud servers.