<- Back to all blog posts

Security Digest: Secure ALL of your Devices

March 7, 2023

Are you searching for a way to enhance your organization's security awareness training? Look no further than Haekka! Schedule a demo with us to discover how we can help you reduce costs by 75% while boosting employee satisfaction with our training by 81%.
Schedule a demo

đź”’ Password managers play a vital role in protecting your online accounts by creating and storing strong, unique passwords. One of the popular password managers is LastPass, which allows users to securely store their passwords.

Unfortunately, in a major data breach that took place last fall, LastPass faced a security breach, which led to the exposure of customer data, including their password vaults. Recently, new information has emerged about how this breach occurred, highlighting the need for continued vigilance and precaution when it comes to online security.

LastPass had taken appropriate measures to limit access to customer data limiting it to a select few employees (only 4 out of approximately 600 employees had access). Moreover, accessing the database that stored the customer data required multiple layers of authentication.

🔑 The attackers responsible for the LastPass data breach had prior knowledge of the four employees with access to customer data. They specifically targeted these employees and successfully installed a keylogger, which is a tool that captures keystrokes from a keyboard, on one of the employees' personal computers. This was accomplished by exploiting a known vulnerability in a personal software platform installed on the targeted employee's computer. Since the employee had their password vault stored on the same personal computer, the attackers were able to obtain access to the stored credentials, essentially providing them with complete control over the employee's account and data.

The LastPass data breach was a highly targeted and sophisticated attack. Although the specific chain of events leading to the breach was unique, the incident underscores a crucial lesson for all of us:

⚡️ Each device, application, and account that we use is a potential gateway to our personal digital data and our company's sensitive information. ⚡️

It is critical to recognize that the security of our personal and company data is only as strong as the weakest link in our digital lives. Thus, it is imperative that we remain vigilant and take appropriate measures to secure our devices, applications, and accounts to minimize the risk of a breach.

----

Want to subscribe your team to weekly posts like this in Slack? Check out Heakka Streams. All Streams are 100% customizable by admins before they are sent to your team.

Schedule a demo

Start delivering training via Slack today.

Get started with a free trial by scheduling a demo today. One of our training experts will walk you through a live Haekka demo.

Excellent! We received your demo request. You should be redirected to our scheduling system. If you ran into an issue, please contact us.
Hmm. Something went wrong while submitting your form.
Please refresh and try again.