Incidentes de seguridad o brechas

Todos hoy en día estamos expuestos a sufrir ataques o brechas de seguridad, lo que nos caracteriza es la respuesta que damos ante ellas.
En Agosto de 2022, hemos recibido esta notificación por parte de LastPass y de Plex.

A continuación exponemos los comunicados en los que claramente se explica el incidente de LastPass,

fuente: https://blog.lastpass.com/2022/08/notice-of-recent-security-incident/

Notice of Recent Security Incident

To All LastPass Customers, 

I want to inform you of a development that we feel is important for us to share with our LastPass business and consumer community. 

Two weeks ago, we detected some unusual activity within portions of the LastPass development environment. After initiating an immediate investigation, we have seen no evidence that this incident involved any access to customer data or encrypted password vaults. 

We have determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information. Our products and services are operating normally.

In response to the incident, we have deployed containment and mitigation measures, and engaged a leading cybersecurity and forensics firm. While our investigation is ongoing, we have achieved a state of containment, implemented additional enhanced security measures, and see no further evidence of unauthorized activity. 

Based on what we have learned and implemented, we are evaluating further mitigation techniques to strengthen our environment. We have included a brief FAQ below of what we anticipate will be the most pressing initial questions and concerns from you. We will continue to update you with the transparency you deserve. 

Thank you for your patience, understanding and support. 

Karim Toubba

CEO LastPass

FAQs

1. Has my Master password or the Master Password of my users been compromised? 

No. This incident did not compromise your Master Password. We never store or have knowledge of  your Master Password. We utilize an industry standard Zero Knowledge architecture that ensures LastPass can never know or gain access to our customers’ Master Password. You can read about the technical implementation of Zero Knowledge here

2. Has any data within my vault or my users’ vaults been compromised? 

No. This incident occurred in our development environment. Our investigation has shown no evidence of any unauthorized access to encrypted vault data.  Our zero knowledge model ensures that only the customer has access to decrypt vault data. 

3. Has any of my personal information or the personal information of my users been compromised?

No. Our investigation has shown no evidence of any unauthorized access to customer data in our production environment.  

4. What should I do to protect myself and my vault data? 

At this time, we don’t recommend any action on behalf of our users or administrators. As always, we recommend that you follow our best practices around setup and configuration of LastPass which can be found here.

5. How can I get more information?

 We will continue to update our customers with the transparency they deserve.

Y este es el comunicado de PLEX.tv

Dear Plex User,
We want you to be aware of an incident involving your Plex account information yesterday. While we believe the actual impact of this incident is limited, we want to ensure you have the right information and tools to keep your account secure.
What happened
Yesterday, we discovered suspicious activity on one of our databases. We immediately began an investigation and it does appear that a third-party was able to access a limited subset of data that includes emails, usernames, and encrypted passwords. Even though all account passwords that could have been accessed were hashed and secured in accordance with best practices, out of an abundance of caution we are requiring all Plex accounts to have their password reset. Rest assured that credit card and other payment data are not stored on our servers at all and were not vulnerable in this incident.
What we’re doing
We’ve already addressed the method that this third-party employed to gain access to the system, and we’re doing additional reviews to ensure that the security of all of our systems is further hardened to prevent future incursions. While the account passwords were secured in accordance with best practices, we’re requiring all Plex users to reset their password.
What you can do
Long story short, we kindly request that you reset your Plex account password immediately. When doing so, there’s a checkbox to «Sign out connected devices after password change.» This will additionally sign out all of your devices (including any Plex Media Server you own) and require you to sign back in with your new password. This is a headache, but we recommend doing so for increased security. We have created a support article with step-by-step instructions on how to reset your password here.
We’d also like to remind you that no one at Plex will ever reach out to you to ask for a password or credit card number over email. For further account protection, we also recommend enabling two-factor authentication on your Plex account if you haven’t already done so.
Lastly, we sincerely apologize to you for any inconvenience this situation may cause. We take pride in our security system and want to assure you that we are doing everything we can to swiftly remedy this incident and prevent future incidents from occurring. We are all too aware that third-parties will continue to attempt to infiltrate IT infrastructures around the world, and rest assured we at Plex will never be complacent in hardening our security and defenses.
For step-by-step instructions on how to reset your password, visit: https://support.plex.tv/articles/account-requires-password-reset
Thank you,The Plex Security Team