Every subsequent update of the #LastPass breach makes it worse. The latest one makes it clear that someone, somewhere, is probably putting a room full of discarded mining GPUs to work trying to crack that master password. Since the URLs are in plain text, whoever has the data has a list of all websites that a user cared enough about to make and store accounts on. That #metadata is going to be very useful for someone, somewhere. That the data hasn't yet popped up leaked or for sale hints that this could be yet another state-sponsored effort.
PS I highly recommend @bitwarden for all your credential manager needs, and please pay them to host it for you.
PS I highly recommend @bitwarden for all your credential manager needs, and please pay them to host it for you.
Jesse Harris
•