Tuesday, June 23, 2015
I think most people have heard about the OPM - Federal (US) Office of Personnel Management - breach in which personal information on over 4 million people, including security clearance information, possibly dating back to 1985 was stolen in attack on federal computers. Everyone agrees that this one was big and bad. But also in the news was the breach of information at LastPass, and there is far less consensus on the impact.
LastPass is a password vault - a program that lets you store all your passwords in an encrypted "safe". I've talked about password vaults many times in the past. I have always recommended the use of a password vault and I still do.
First, let's discuss what happened.