Shulou(Shulou.com)11/24 Report--

CTOnews.com, May 30 / PRNewswire-Asianet /-- password management tool LastPass is facing class action lawsuits from users after the company has been hacked three times in a row. A large amount of user data has been leaked, causing these users to face personal threats such as identity theft and credit card swiping.

IT House reported hackers on the company in August last year, December last year and February this year.

In August last year, the account of an employee of LastPass was hacked, which led to the outflow of some internal software and technical information, which eventually led to illegal copying of the Vault containing "user's company name", "email address", "IP information", "home address" and "password".

In December last year, hackers hacked into LastPass's third-party storage server and obtained key information about some customers.

In February this year, hackers stole valid credentials from senior DevOps engineers and once again obtained repository information and accessed users' cloud storage environments by sharing data.

▲ Tuyuan LastPassLastPass was sued by users in January and April, when an anonymous user under the pseudonym "John Doe" filed a class action against LastPass in the Massachusetts local government, claiming that "data leaks from LastPass led to the theft of $53000 worth of bitcoin assets."

In January this year, several LastPass users sued in a California court, claiming that "because of LastPass's loose and unreliable security policy, user-sensitive data can be arbitrarily read by unauthorized people since August 2022." It was only months after the password leak that LastPass issued a statement about the disclosure of users' critical information and "attempted to shift the blame to users".

Wladimir Palant, a personal blog security expert at ▲ source Wladimir Palant, analyzed the LastPass data breach and said that "several password breaches of LastPass may have enabled hackers to use the data to build a complete password archive." another security expert, Jeremi M Gosney, said that "LastPass's Vault only sounds secure on the name, and recommends users to switch to other reliable password management tools."

▲ diagram source Jeremi M Gosney

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.