LastPass Reveals the Reason behind 12-Hour Massive Outage

admin


  • On Thursday of last week (June 6), LastPass was hit by a major outage that lasted for 12 hours and left users frustrated.
  • Users took to Reddit and X to share their grievances. Some of them even said that they plan on switching platforms.
  • Fortunately, the problem was fixed and service was restored. Apparently, a bad update to LastPass’s Chrome extension was causing the problem.

LastPass Finds Out the Cause behind Its 12-Hour Massive Outage

LastPass’s 12-hour-long outage, which occurred on Thursday (June 6), left users frustrated—to the point that a lot of them openly said that they’re considering switching to other password managers.

Well, perhaps that won’t be necessary. The good news is the company has finally figured out what caused the outage: a bad update to LastPass’s Chrome extension.

In simple words, for some reason, LastPass’s recent update to its Chrome extension triggered a denial of service on the company’s servers. The problem has been fixed and the service restored.

A Brief Timeline of the LastPass Outage

Around 1 PM ET on Thursday, a lot of users were facing trouble logging into their accounts and accessing their password vaults. A 404 error page was displayed, which means that the page does not exist.

Soon thereafter, LastPass customers started complaining about this issue on Reddit and Twitter (X). For example, a Reddit user wrote: “Even their offline login doesn’t work. I’m shifting my family over to 1Password.”

Another user complained about LastPass not having any contingencies in its infrastructure. This user was especially enraged because they were locked out of all websites.

What’s more, a Twitter user’s anguish was clearly visible when they wrote:

LastPass outage leaves users frustrated

What Does LastPass Have to Say about This Issue?

At around 8 PM ET, LastPass engineers finally managed to restore service and issued an update about the same on their status page. However, all wasn’t well, even after the update.

Users continued to complain that the platform was still not fully functional – some said that they were unable to log into LastPass, while others pointed out that some of the features weren’t working properly.

It wasn’t until the weekend that the service was completely restored and back to normal.

LastPass’s Downfall

It’s well worth noting that LastPass has been subjected to multiple operational and security issues over the last few years, making users slowly (but surely) lose trust in its services.

Troubles for LastPass began in 2015, when a breach exposed hashed master passwords. Then, in 2022, a group of hackers stole its source code and used it to access some “certain elements” of customer information.

Although the company later added that its users’ passwords were safe, a group of security researchers revealed in 2023 that the information stolen from this attack might have been used to steal over $35 million from the crypto wallets of more than 150 victims.

Similarly, last year, LastPass was hit by a massive security breach, which could have been easily avoided if a certain employee did not update a piece of software on their home computer.

The most recent LastPass attack occurred in April 2024, when LastPass users were hit by a major phishing scam. A lot of them received fake phone calls from hackers pretending to be LastPass employees.

Repeated incidents like these are not good for LastPass’s image, to say the least. This is also why we had to remove LastPass from our list of the best password managers. LastPass users who have made up their mind about jumping ship can consider industry leaders such as NordPass, 1Password, and Keeper.

It’s also worth noting that LastPass just recently decided to go independent, separating itself from its parent company, GoTo. This is indeed a positive step forward, but we’d like to see improvements in not only data privacy (including no more cyberattacks) but also user experience before we can consider putting LastPass back on our guides.

The Tech Report - Editorial ProcessOur Editorial Process

The Tech Report editorial policy is centered on providing helpful, accurate content that offers real value to our readers. We only work with experienced writers who have specific knowledge in the topics they cover, including latest developments in technology, online privacy, cryptocurrencies, software, and more. Our editorial policy ensures that each topic is researched and curated by our in-house editors. We maintain rigorous journalistic standards, and every article is 100% written by real authors.



Source link

Leave a comment