Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Kudos to the CEO for disclosing this as it's happening and writing the post. This disclosure post is direct, forthright about what's known, specific about engaging help, and explicit about notifying people as more happens. Hacking sucks, but the CEO's post is IMHO on the right track.


(this subthread was originally part of https://news.ycombinator.com/item?id=33809508, but we merged the comments hither)


Ridiculous take. Absolutely zero kudos because it was obvious to everyone that this was the most likely outcome way back in August. Back in August the company issued a bullshit statement that they'd ruled out that the intruder accessed customer data. Now they are saying they did lose customer data.


Is this the same incident as the August incident (https://blog.lastpass.com/2022/11/notice-of-recent-security-...)? From this blog post, it’s not clear to me that they are.

EDIT to correct: Thanks to the link posted by u/voganmother42, this is indeed related!


Not to mention, this is mentioned nowhere on the LastPass page itself - only on that of the corporate owners.


Depending on the specifics it may be a legal requirement to disclose. FTC does not look fondly in hiding data breeches. At all.


Hacking is why we’re here. It’s criminal and exploitative behavior that sucks.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: