Binance CEO CZ is warning crypto investors of a data leak from LastPass, a major password manager. The platform came to the fore with a hack attack for the second time in three months.
Binance CZ warns of possible hacking
LastPass reported that it was hacked for the second time in three months by the same unauthorized person. CEO Karim Toubba announced Wednesday that the company detected “unusual activity” in a third-party cloud storage service, but customers’ passwords remained securely encrypted. “We immediately launched an investigation,” Toubba said in a statement. “We commissioned Mandiant, a leading security firm, and alerted law enforcement,” he said.
Following the incident, CZ is warning crypto investors of a potential security breach. He had given a similar warning before about 3Commas’ APIs.
CZ invites the crypto community to take a few simple precautions against a possible data breach. Specifically, it recommends enabling two-step authentication. Following the LastPass hack, he wrote on Twitter:
LastPass recently suffered a breach. I recommended this password manager earlier in my blog post. They claim it has no effect on client passwords as it needs to be encrypted on the client side, but it’s best to make sure you have 2FA enabled.
LastPass has provided an update. The hacker has all user information unencrypted, including email address and website URLs. If you have reused passwords for the master password or you have a weak master password, it is possible for the hacker to get hold of all the credentials.
What did LastPass say?
Password manager recently reported that a hacker has infiltrated its storage service. On December 22, the platform prepared a report on the security breach describing its side of the case. As Binance CZ said above, LastPass says the hacker may have gotten some user data. The firm recommends taking some precautions now, including what CZ said:
- Since 2018, we’ve required a minimum of twelve characters for master passwords. This greatly minimizes the ability of successful brute-force password guessing.
- To further enhance the security of your master password, LastPass uses a stronger-than-normal implementation of 100,100 iterations of the Password Based Key Derivation Function (PBKDF2), a password-strengthening algorithm that makes your master password harder to guess. You can check the current PBKDF2 iteration count for your LastPass account here.
- We also recommend that you never reuse your master password on other websites. If you reuse your master password and it has been compromised, a threat actor can use dumps of compromised credentials already available on the Internet to try to access your account (this is called a “credential stuffing” attack).
cryptocoin.com We have reported a Binance hack that occurred in October. Binance CZ urges the crypto community to take action against the LastPass data leak, a password storage solution used by millions of people. If you are a LastPass user, it will be useful to follow the steps above.
Contact us to be instantly informed about the last minute developments. twitter‘in, Facebookin and InstagramFollow and Telegram and YouTube join our channel!
Risk Disclosure: The articles and articles on Kriptokoin.com do not constitute investment advice. Bitcoin and cryptocurrencies are high-risk assets, and you should do your due diligence and do your own research before investing in these currencies. You can lose some or all of your money by investing in Bitcoin and cryptocurrencies. Remember that your transfers and transactions are at your own risk and any losses that may occur are your responsibility. Cryptokoin.com does not recommend buying or selling any cryptocurrencies or digital assets, nor is Kriptokoin.com an investment advisor. For this reason, Kriptokoin.com and the authors of the articles on the site cannot be held responsible for your investment decisions. Readers should do their own research before taking any action regarding the company, assets or services in this article.
Disclaimer: Advertisements on Kriptokoin.com are carried out through third-party advertising channels. In addition, Kriptokoin.com also includes sponsored articles and press releases on its site. For this reason, advertising links directed from Kriptokoin.com are on the site completely independent of Kriptokoin.com’s approval, and visits and pop-ups directed by advertising links are the responsibility of the user. The advertisements on Kriptokoin.com and the pages directed by the links in the sponsored articles do not bind Kriptokoin.com in any way.
Warning: Citing the news content of Kriptokoin.com and quoting by giving a link is subject to the permission of Kriptokoin.com. No content on the site can be copied, reproduced or published on any platform without permission. Legal action will be taken against those who use the code, design, text, graphics and all other content of Kriptokoin.com in violation of intellectual property law and relevant legislation.