buffy Posted July 27, 2016 Share Posted July 27, 2016 http://www.theregister.co.uk/2016/07/27/zero_day_hole_can_pwn_millions_of_lastpass_users_who_visit_a_site/ I suggest everyone disables the app NOW. Quote Link to comment Share on other sites More sharing options...
anode Posted July 28, 2016 Share Posted July 28, 2016 Already been fixed. Seems it was just a bug in the FireFox add-on https://blog.lastpass.com/2016/07/lastpass-security-updates.html/?utm_source=TWITTER&utm_medium=social&utm_term=Customer Serviced-tAnswering CS&utm_content=20160727d-t20160727174627 Quote Link to comment Share on other sites More sharing options...
akhnaten Posted August 2, 2016 Share Posted August 2, 2016 I can confirm this. However, I don't run Firefox. I run Chrome with the lastpass extension. I had it memorize the lastpass password. Fortunately, I have 2FA turned on in my lastpass account. Lastpass is the only site I use Lastpass Authenticator for. Over the last 24 hours I have gotten 3 authentication requests in LP Authenticator that I did not initiate myself. I just reset my password, so we will see if the requests drop off. I'm not going to let the LP extension remember my password anymore. Quote Link to comment Share on other sites More sharing options...
gartut Posted August 11, 2016 Share Posted August 11, 2016 Quote I had it memorize the lastpass password. That is amazing! Cyber Darwinism award right there! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.