January 11 • 2023

Key takeaways from the LastPass Data Breach

Cybercrime is low risk, low investment, and high return. Not surprisingly, illegal financial gain is one of the biggest reasons for cyber-attacks. The result is a predicted USD 10 Trillion of damages by 2025. Our vision is to change that.

written by Rob Tharle, Head of Product

Data breaches are at the heart of most frauds and scams, with the stolen data used directly or indirectly by fraudsters and cybercriminals. It helps them find people to target and convince those people they are genuine by quoting supposedly secret information. At CYBERA we're here to disrupt cybercriminals, helping both victims and institutions to prevent abuse and to deal with it once it has happened.

Breaches are a common occurrence, and a new breach at LastPass is worrying. Back before the New Year, on 23rd December, LastPass announced they had suffered a second breach, following on from one announced in August 2022. Whilst it got some press at the time, the holiday period meant it's only in the last couple of weeks that it has been fully analysed.

This time, data taken in the first breach was used to take consumer data. It needs to be said that a lot of the data was encrypted (e.g. passwords), but not all of it was (e.g. the URLs of the websites).

I'll not cover the technical details here, as there are a number of detailed breakdowns available, for example here, courtesy of Peter Taylor and Daniel Card.

The reality is that if your LastPass master password was strong (i.e. long and hard to guess), then the encrypted data should be safe, at least for a while. If not, then urgent action is required.

In any instance LastPass users should:

No, it doesn't. Password managers are part of a multi-layered approach to your online security and, if used correctly, will help keep you safe by giving you strong, unique passwords for each website you use. Clearly many people are still using very weak passwords, as this article makes clear.

A password manager should be layered with the use of two-factor or multi-factor authentication (2FA/MFA) for sensitive sites.

Hopefully 2023 will also see the beginning of the end for passwords with the introduction of FIDO passkeys.

Passkeys – 2023 is hopefully the start of the end of passwords

What is a passkey and how do passkeys work?

A passkey is a digital credential that is tied to a particular website (for that user). Using public key cryptography and the FIDO Alliance standards, each website can have its own unique passkey. The passkey is then only ever used with the genuine website or app, and only when the user approves a sign-in with their private key.
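To make the mechanism concrete, here is an added example (not CYBERA's code and not a FIDO Alliance implementation) that models the two parties in a passkey sign-in: the user's authenticator, which holds one private key per website and never reveals it, and the website (the "relying party"), which stores only the public key and checks a signed challenge. The origins `https://bank.example` and `https://bank-example.test`, the user name and the `Login` helper are constructed for the illustration; the point it shows is that the signature is bound to the origin the browser is actually on, so a look-alike site cannot obtain a signature the genuine site will accept.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Authenticator models the user's device. It keeps one private key per
// relying-party origin; the private key is generated on the device and
// never leaves it.
type Authenticator struct {
	keys map[string]*ecdsa.PrivateKey
}

func NewAuthenticator() *Authenticator {
	return &Authenticator{keys: make(map[string]*ecdsa.PrivateKey)}
}

// Register creates a fresh key pair for one origin and hands back the public
// key for the website to store. Every site gets its own key, so the public
// keys leaked from one site are useless anywhere else.
func (a *Authenticator) Register(origin string) (*ecdsa.PublicKey, error) {
	if _, exists := a.keys[origin]; exists {
		return nil, errors.New("already registered for " + origin)
	}
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	a.keys[origin] = priv
	return &priv.PublicKey, nil
}

// signedData binds the challenge to the origin being authenticated; this is
// what stops a signature obtained on one origin from working on another.
func signedData(origin string, challenge []byte) []byte {
	h := sha256.New()
	h.Write([]byte(origin))
	h.Write([]byte{0}) // separator so origin and challenge cannot run together
	h.Write(challenge)
	return h.Sum(nil)
}

// Sign answers a challenge for the origin the browser is on. If the device
// holds no key for that origin (e.g. a look-alike domain) it refuses.
func (a *Authenticator) Sign(origin string, challenge []byte) ([]byte, error) {
	priv, ok := a.keys[origin]
	if !ok {
		return nil, errors.New("no credential for " + origin)
	}
	return ecdsa.SignASN1(rand.Reader, priv, signedData(origin, challenge))
}

// RelyingParty models the website: public keys only, a fresh random
// challenge per login, and signature verification against its own origin.
type RelyingParty struct {
	Origin string
	users  map[string]*ecdsa.PublicKey
}

func NewRelyingParty(origin string) *RelyingParty {
	return &RelyingParty{Origin: origin, users: make(map[string]*ecdsa.PublicKey)}
}

func (rp *RelyingParty) Enroll(user string, pub *ecdsa.PublicKey) { rp.users[user] = pub }

// NewChallenge returns 32 random bytes; a new one per login defeats replay.
func (rp *RelyingParty) NewChallenge() ([]byte, error) {
	c := make([]byte, 32)
	_, err := rand.Read(c)
	return c, err
}

// Verify accepts only a signature over this site's own origin and challenge.
func (rp *RelyingParty) Verify(user string, challenge, sig []byte) bool {
	pub, ok := rp.users[user]
	return ok && ecdsa.VerifyASN1(pub, signedData(rp.Origin, challenge), sig)
}

// Login runs one sign-in ceremony. seenOrigin is the origin the browser is
// really on; it comes from the platform, not from the page's own claims.
func Login(rp *RelyingParty, auth *Authenticator, user, seenOrigin string) bool {
	challenge, err := rp.NewChallenge()
	if err != nil {
		return false
	}
	sig, err := auth.Sign(seenOrigin, challenge)
	if err != nil {
		return false
	}
	return rp.Verify(user, challenge, sig)
}

func main() {
	auth := NewAuthenticator()
	bank := NewRelyingParty("https://bank.example") // constructed origin
	pub, _ := auth.Register(bank.Origin)
	bank.Enroll("alice", pub)
	fmt.Println("genuine site:", Login(bank, auth, "alice", bank.Origin))
	fmt.Println("look-alike site:", Login(bank, auth, "alice", "https://bank-example.test"))
}
```

Real WebAuthn assertions carry more structure than this (authenticator data, a client-data hash that includes the origin, attestation at registration), but the shape is the same: nothing secret is stored on the website, and the origin check is done by the browser and the signature rather than by the user spotting a misspelt domain.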

What are the benefits?

Security and usability are key benefits for numerous reasons:

When and where are they available?

Passkey support is available from Apple, Google and Microsoft now, although you may need to upgrade OS levels or to the latest browser versions. Support is dependent on individual websites and apps.

For more details on passkeys see here: https://fidoalliance.org/passkeys/#faq

Data breaches and data compromise are the seed of most cybercrimes, so prevention is usually easier than curing the problem after it has happened, and strong security for both firms and consumers is key. Strong web security is therefore a key element of protecting yourself online. Have a look at our security tips here [link] for more information on how to protect yourself online.

The use of encryption and public key cryptography can help in the fight against data breaches. But when you have been a victim of cybercrime, CYBERA can help. If you have been a victim of a cybercrime you can use our CYBERCRIME COMPLAINT™ to report your fraud/scam via one of our partners:

CYBERA can also help with asset tracing for crypto, to find exactly where the coins are and request that the exchange freeze them, increasing the chances of recovery.

About CYBERA

At CYBERA we’re on a mission to stop money laundering and help protect customers from scams and other financial cybercrime. We close gaps that allow cyber criminals to thrive by sharing crime data in real-time with financial institutions, fintech, and crypto exchanges, and coordinating a global response to support customers who have become victims of financial cybercrime.

CYBERCRIME WATCHLIST™ helps support firms to reduce fraud and money laundering and meet the requirements of the CRM as part of a holistic fraud and financial crime strategy.

Financial Institutions (FIs) can check against the CYBERCRIME WATCHLIST™ for confirmed mule accounts when processing payments. For outbound and inbound payments, where there is a match on either IBAN (Account Number and Sort Code) or on Name, the transaction can be flagged as high risk.

At account opening and during ongoing CDD, email, phone and name can be matched against the CYBERCRIME WATCHLIST™ to reduce the opening of new mule accounts. CYBERCRIME COMPLAINT™ further supports this by alerting users, directly in their dashboard, to any of their accounts reported as mules.