Billions of Android and iPhone users warned not to trust the popular password feature due to a “catastrophic breach”.

A POPULAR password manager app has released new details about a major data breach.

LastPass revealed the new details regarding this blog on it and is now being slammed by security experts.

1

A Report by Vice even warned outlet readers to ditch the app and try a new password manager.

The new LastPass blog reveals details about a “second incident” that happened during a major data breach last year.

It states: “Our investigation found that the threat actor deviated from the initial incident, which ended on August 12, 2022, but was actively engaged in a new set of intelligence, enumeration and exfiltration activities targeting the cloud storage environment.” were aligned August 12, 2022 to October 26, 2022.”

It describes how a hacker accessed the home computer of one of the four engineers who had access to a cloud vault containing private customer information.

The criminal stole important access keys.

These keys are needed to access “LastPass production backups, other cloud-based storage resources, and some related critical database backups,” according to the blog.

Late last year, LastPass CEO Karim Toubba admitted that cybercriminals stole “huge amounts of customer data, including names, email addresses, phone numbers, and some billing information” as part of the overall attack.

LastPass recommended its customers that the best thing to do right now is to change their Master Password.

This should mean that your current LastPass vault would now be backed up.

The company noted that it would be wise to change all passwords on your vault, especially those with personal and important information like bank accounts.

However, some people don’t believe that simply changing your LastPast details is enough to protect your apps on iPhone or Android.

Twitter is full of tweets expressing concerns about people still using LastPass.

One person said: “1. Use a password manager (NOT LASTPASS, obv). They create unique passwords for your accounts so you don’t reuse the same one. Try @Bitwarden or @1Password (not version 8 though, it’s terrible). “

Another retweeted a post about the injury, adding: “If you use LastPass, please don’t.”

However, some experts are championing the app.

Security researcher MG tweeted, “Just to be clear, while there’s a lot to criticize about the LastPass product, the transparency of what’s been posted today is great.

“It actually gives me some hope that I didn’t have before. The attacks shown here could happen to any company.

“Most would have handled it much worse. LastPass has a much higher goal on its back than most companies, so hopefully they’re modifying the product to accommodate that.”

We reached out to LastPass for comment.