As many may be aware, the password management provider LastPass has reported that they incurred two security breaches last year when threat actor's obtained access to a staff member's personal system. This ultimately provided the threat actor's with access to public cloud storage sites containing encryption keys to customer backup data.
While GNS neither makes use of, or supports the LastPass application as an enterprise solution for our clients, we do have concern that some individual's employed by our clientele may have been utilizing the application for personal use, and as such, could have experienced some vulnerability exposure due to these events.
GNS would simply like to direct any potentially affected individuals to the following LastPass support pages to receive more detailed information regarding the incidents and recommended actions to secure their existing LastPass accounts.
Should affected users have any issues in either interpreting or applying the recommendations, please feel free to reach out to GNS support for assistance. To do so, contact us at firstname.lastname@example.org.
Security Incident Update and Recommended Actions
Security Bulletin: Recommended Actions for Free, Premium, and Families Customers
Security Bulletin: Recommended Actions for LastPass Business Administrators
This press release was published on 03.03.2023. For more information, please contact Brian Andersen at email@example.com.