Black Arrow Cyber Advisory 23/12/2022 – Heightened Phishing Risk Following the LastPass Data Breach Incident

Executive Summary

Yesterday, LastPass provided an update on its ongoing investigation into a previously disclosed security incident, as detailed in our Cyber Alert (referenced below). The LastPass investigation has confirmed that customer data was accessed and downloaded by malicious actors, which could lead to an increase in phishing attacks.

What’s the risk to me or my business?

With malicious actors having access to customer data, including “company names, end-user names, billing addresses, email addresses, telephone numbers, and the IP addresses from which customers were accessing the LastPass service”, as well as the URLs of end-user accounts stored within the vault, there is a high chance of this information being used in targeted phishing attacks that focus on the services known to have been used by the end user.

What can I do?

LastPass states that “it is important to know that LastPass will never call, email, or text you and ask you to click on a link to verify your personal information. Other than when signing into your vault from a LastPass client, LastPass will never ask you for your master password.”

You should also employ the following tips to increase protection from phishing scams:

1) Adopt a zero-trust stance – Regardless of the application or sender, you should always be wary, even if a message looks legitimate at first glance.

2) Avoid using the contact information from a suspicious message – If you need to contact the sender of a message to verify its contents, look up their contact information separately using a trusted source.

3) Employ Multi-factor Authentication (MFA) as another layer of protection, so that more than just your password is required to log in to a service.

4) Don’t click on links or open attachments unless you’ve requested them and know you can trust them.

Further information relating to Black Arrow’s Cyber Alert can be found here: Black Arrow Cyber Consulting — Black Arrow Cyber Alert 22/12/2022 – ACTION REQUIRED: LastPass Security Incident Update

Further information on this security incident provided by LastPass can be found here: Notice of Recent Security Incident - The LastPass Blog

Further information on LastPass advice for avoiding phishing scams can be found here: LastPass - Avoiding Phishing Scams
