An email about an unauthorized access attempt was sent to dozens of users, but the company denies any data leak: "No evidence of compromise of credentials by third parties, warnings probably activated due to a misunderstanding"

29 Dec 2021, Veronica Balocco
The LastPass password management app, used as a vault to protect each user's passwords with a single master key, called the "master password", has reportedly been the target of an extensive operation attempting to access subscriber data. According to initial findings, dozens of users have received emails warning of an unauthorized attempt to access their accounts, which was promptly blocked. What links the activity is a series of Brazilian internet addresses, from which the attempts reportedly originated.

Meanwhile, as reports followed one another both on the Hacker News forum and in various posts on Twitter, LastPass reassured subscribers to the service, stating that no data was stolen. "LastPass has reviewed recent reports of blocked login attempts and we believe the activity is related to a credential stuffing attempt. At the moment, we have no indication that access to the accounts has been performed correctly or that the service has been compromised by an unauthorized party". The company's hypothesis is therefore that the emails were sent by mistake, due to a technical problem.

Reports from multiple countries

Reports started appearing on the Hacker News forum after a LastPass user created a post highlighting the problem, stating that LastPass warned him of an attempt to log in from Brazil using his master password. Other users quickly responded to the post, noting that they had experienced something similar. As the original poster, @technology_greg, points out in a tweet, some have also been warned of an attempt from Brazil, while other attempts have been traced back to different countries. This, understandably, raised concerns that a breach had occurred.