In early August 2022, LastPass became aware of a breach where a hacker had compromised a LastPass developer's laptop to steal source code and access the company's cloud-based development platform. This was a particularly tough year for LastPass, with an initial hack in August causing shock waves that would continue into 2023. But in 2022, another attack did indeed come. It took some time for LastPass to run into another cyberattack after the initial 2015 incident. But regardless of this, the presence of trackers in the LastPass Android app left a bad taste in the mouths of security analysts and users. It was also stated that the analytics element of the LastPass app was an optional feature that users could disable in their advanced settings. LastPass emphasized that this was done to get insights into "application telemetry, error and crash reporting data, as well as high-level usage statistical information to ultimately improve the overall performance, reliability and usability of. In response to this criticism, LastPass informed users that it does use analytics tools. The presence of the trackers alone, however, was noted by Kuketz to be bad practice for an app that needs to prioritize security. Kuketz underlined that the LastPass Android app needed to be checked manually to discern whether the trackers were actively keeping tabs on users. Granting access to marketing analytics platforms in this way was condemned by Kuketz, who wrote that LastPass's approach is "extremely questionable in terms of security." Kuketz also listed the seven trackers found in the LastPass Android app, which included trackers from Google Analytics, Segment, and AppsFlyer.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |