Search
Close this search box.

LastPass Hack: Could a Simple Update Have Prevented it?

Share:

This week, LastPass, a widely used password manager, revealed that it had suffered a massive data breach caused by a hacker exploiting an unpatched software vulnerability.

This incident serves as a stark reminder of the importance of maintaining good cybersecurity practices to avoid falling victim to similar attacks, and the risks of not keeping software up to date.

The hacker installed malware on an employee’s home computer, which enabled them to capture keystrokes and steal the employee’s master password, giving them access to LastPass’s corporate vault.

But how did the hacker deliver the malware to the employee’s computer? LastPass initially stated that the hacker exploited a “vulnerable third-party media software package,” without disclosing any further details.

The Exploit That Led to the LastPass Data Breach

According to a report by PCMag, the hacker targeted the Plex Media Server software to load the malware onto the LastPass employee’s home computer. The exploited flaw is known as CVE-2020-5741, which was publicly disclosed by Plex in May 2020.

The vulnerability allowed an attacker with admin access to a Plex Media Server to abuse the Camera Upload feature to make the server execute malicious code. A patch was made available to users at the time, but the LastPass employee did not update their software to activate the patch.

The High Cost of a Simple Oversight: Lessons from the LastPass Hack

This incident highlights the importance of keeping software up to date. However, it is worth noting that the hacker already had admin access to the employee’s Plex Media Server account, suggesting they were already targeting the LastPass staffer and could have found other ways to infect their computer with malware.

Another mistake by LastPass was allowing the employees to use their home computer to access extremely sensitive data. The breach has damaged trust in LastPass, but the company has been working to improve its security in response.

Moving Forward After LastPass Data Breach: What Users and Companies Need to Know

This breach serves as a reminder of the importance of supporting good cybersecurity practices, such as regularly updating software and using strong passwords. It also highlights the risk of using personal devices to access corporate data, particularly in a work-from-home environment where security measures may not be as robust as in an office setting.

The incident underscores the need for organisations to implement strong security protocols, including multi-factor authentication and regular vulnerability testing, to minimise the risk of a breach. It is also a warning that companies need to be vigilant in checking their networks for unusual activity and responding quickly to any suspected breaches.

Picture of Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian Enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.

Contact

Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235

Company

Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →

Services

Services

Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl
360

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution

Solutions
Resources

Resources

A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →