SUN CITY — The Sun City Computer Club sent an alert to its members regarding a serious data breach at LastPass, a major software provided of Password Management software. The Computer Club featured password managers at a recent club monthly meeting.
The alert was written by Ken Czerwinski, a club board member and the Technical Director at Huntley Radio. In it, Czerwinski commented that he has “used and recommended using the LastPass password manager for about 12 years and has over 800 passwords stored in it. It had been very reliable and reputable.”
Czerwinski continued, “Recently it has been learned that LastPass had been hacked and a backup copy of their entire database had been stolen. So far, how old the backup copy is, has not been disclosed. I have read that many users are leaving LastPass for other password managers like BitWarden, 1password, DashLane, Roboform and others. That raises concern for how long LastPass will remain in business.”
Unfortunately, not all data is encrypted.
He added, “I’ve also learned that while LastPass did encrypt user IDs, passwords and other security information, they did not encrypt all data stored in LastPass. Data such as names, addresses, birthdates, notes and web site addresses were not encrypted and could be easily read from the database backup.”
Czerwinski cautioned that action is needed.
“You should immediately change any of the most important account passwords. Changing your master password is a good idea but it’s not a fix for this problem. Since the database that was stolen is an older backup, the thief has all your encrypted passwords and can focus on unencrypting only the most important ones like your bank password,” he said.
He concluded, “Should you decide to move to another password manager, it is not a difficult process. You can log into your LastPass account, go to Advanced Options and select Export. You will receive an email to verify that you requested the export. Respond to the email and follow any further instructions to complete the export. If you choose to use this export option, be sure to protect the extracted file as it is completely unencrypted and fully readable”
The Computer Club lab is located in Meadow View and open on Monday and Thursday mornings. Members have free access to the club’s tech support staff for assistance with a wide range of issues.