LastPass security breach linked to $35 million stolen in crypto heists
www.theverge.com
Researchers found that almost every victim was a LastPass user.

More than $35 million has been stolen from over 150 victims since December — ‘nearly every victim’ was a LastPass user::Security experts believe some of the LastPass password vaults stolen during a security breach last year have now been cracked open following a string of cryptocurrency heists

  • itsdavetho@lemmy.worldEnglish
    6·
    1 year ago

    How does bitwarden encrypt their passwords? Im just realising that since it works on both my laptop and phone with no configuration it can’t be overly nuanced

    • tony@lemmy.hoyle.me.ukEnglish
      141·
      1 year ago

      It’s encrypted on the client and bitwarden themselves can’t decrypt it (we assume, but there have been audits that seemed to confirm that).

      If you want to you can just run your own server then they can’t see the traffic at all.

      • RealHonest@lemmy.oneEnglish
        316·
        1 year ago

        Who’s we? You probably mean you assume. Bitwarden is open source so an assumption need not be made.

        • Mananasi@feddit.nlEnglish
          2·
          1 year ago

          There’s an assumption that the code you see is the code running on their server. And on top of that there’s lots of other software running on their servers.