CyberUnited LIFARS Recommends Immediate Action for LastPass Breach

Three Recommendations Appropriate for Most Major Breaches


SAN DIEGO, CA and NEW YORK, NY--(Marketwired - Jun 17, 2015) - Following this week's breach of a popular password management platform, LastPass, CyberUnited LIFARS, a joint venture between two of the nation's top cyber consulting firms, is recommending that users should take three immediate steps. First, change their master password; second, set up two factor authentication offered by LastPass; and third, let friends and colleagues know about the breach by forwarding an email from the joint venture's blog, "LastPass Breach: Key Facts." CyberUnited is a cybersecurity intelligence consulting firm, while LIFARS is a digital forensics and cybersecurity incident response firm.

"These are steps that LastPass has proposed for their breach but they are actually important actions for any breach," noted Darin Andersen, CEO of CyberUnited. "Breaches are in the news on a regular basis these days but consumers aren't always swift to respond because they feel the companies involved will take action for them. That's a dangerous supposition."

The hackers haven't been identified yet, but they were able to steal hashed user passwords, cryptographic salts, password reminders, and email addresses. LastPass has reported that there is no evidence that the hackers were able to open cryptographically locked user vaults where plain-text passwords are stored.

"Even if you weren't compromised, this serves as a good reminder that keeping your passwords fresh and strong is always a good idea," adds Ondrej Krehel, Founder of LIFARS. "LastPass and other password managers, such as Dashlane and Roboform, were created to address the issue that passwords are a notoriously poor form of security. People tend to make several mistakes by using weak, easy-to-remember passwords, re-using passwords across a multitude of accounts, and forgetting to change their passwords often enough, if at all."

According to the blog, in addition to better password best practices, multi-factor authentication is a key security feature that is recommended by many major technology companies including Google, with its Google Authenticator add-on, that improves security for many popular services.

About CyberUnited LIFARS

CyberUnited's high skilled strategic cybersecurity team and LIFARS, a New York City based digital forensics and cybersecurity intelligence firm, provide a full range of cybersecurity services and business intelligence to better prepare and defend against cyber threats.

CyberUnited LIFARS utilizes continuous monitoring through new products and services that enable organizations to reduce their chances of being attacked while also providing remediation techniques in the event that an attack is successful. In addition to disruption the traditional "prepare and recover" model used by traditional security consultants after a security incident, the venture also provides elite military-style cybersecurity breach preparedness training.