And the big one, deserving of its segment, is LastPass. While the show was away, LastPass further commented on the breach from August. Hackers have user password vaults. The company insists that login information is secure, encrypted, and behind the master password. Security experts are crucial to this assessment.
Security researcher Wladimir Palant, a security researcher known for helping originally develop AdBlock Pro, released a lengthy blog breaking down his criticisms, particularly how the company is discussing the incident and how transparent they are.
Why do we care?
Bias first, I’m a customer of LastPass. I will leave the technical analysis for security professionals and have included the links to articles to explore.
What I care about is the apparent need for more transparency. When it comes to a security issue, that’s problematic, and it damages trust. Service providers should take heed – crisis management is simple. Overcorrect, over-communicate, and be proactive. Anything less damages trust… and that’s what LastPass has done here more than anything.