LastPass Sentry Alerts

Have questions about LastPass, or having problems using it? Ask for help here!

Moderators: admin, Israel, anatoly_LP, chantieLP, robyn, JoeSiegrist

LastPass Sentry Alerts

Postby john465 » Wed Feb 26, 2020 3:54 pm

After undertaking the Security Challenge, I got a couple of emails that, quite honestly, I have no idea what they are saying / what I should do. Extract:

Here's your data compromise report. If you didn't request this report, your email may be associated with a site in someone else's LastPass vault. We send a report when your email is associated with a website that may have been involved in a security breach. We suggest changing your password for each listed site.

Exposures detected: 13 (New since last report: 2)

New exposures are in bold below.
________________________________________
2020-02-10
collection #2 - General Splits Combo lists - part 2
________________________________________
2020-02-13
collection #2 Trading Collection combos
____________________________________
2016-07-31
exploit.in database compilation
________________________________________
2016-12-23
Anti Public
________________________________________
2017-01-01
cpps.me
________________________________________
2018-11-27
Unknown source (2018-11-27 23:15:58)

____


Correct me if I'm wrong, but I cannot see any website that is being reported!. Help!!?
john465
 
Posts: 4
Joined: Wed Jul 24, 2013 4:01 am

Re: LastPass Sentry Alerts

Postby esa442 » Tue Mar 03, 2020 8:07 am

What I've realized that this is a bit like the virus scanner alerts we used to get unnecessarily: lastpass needs to prove it is needed.

There is no actionable information here (apart from cpps.me), so as an alert it is meaningless.
esa442
 
Posts: 1
Joined: Tue Mar 03, 2020 8:04 am

Re: LastPass Sentry Alerts

Postby markny » Sat Mar 28, 2020 10:14 pm

Agreed. in addition, each time you run security challenge, it repeats the same old information that have since been addressed via change of password on specified sites. would be nice to be able to advise somehow that a reported issue has been addressed. or better yet, auto detect (i.e. they know i've changed these passwords since they detected the issue), and then stop reporting everytime.....
markny
 
Posts: 1
Joined: Wed Apr 13, 2016 11:04 am

Re: LastPass Sentry Alerts

Postby RickFreud2020 » Sun Apr 12, 2020 6:35 am

I still have no idea what "collection #2 Trading Collection combos" is and now I see a new "Unknown source (2017-05-23 0:49:10)"

cant tell which websites or passwords were compromised.
RickFreud2020
 
Posts: 1
Joined: Sun Apr 12, 2020 6:33 am

Re: LastPass Sentry Alerts

Postby reticulate19 » Thu Apr 16, 2020 1:24 pm

Here are my weird sentry alerts??


2019-01-31
cafepress.com

2020-02-13
collection #2 Trading Collection combos
reticulate19
 
Posts: 4
Joined: Mon Jun 15, 2015 5:45 pm
Location: Maryland

Re: LastPass Sentry Alerts

Postby bsm328 » Sun Apr 19, 2020 5:28 pm

I understand your frustration when Lastpass does not provide a specific website, e.g., collection #2. However, that's because a specific website was NOT part of the data released/sold. When Lastpass gives a specific site, go there, change your password immediately.
For the collections breaches, my suggestion is to use the 'have i been pwned' site to check your passwords and/or start changing your passwords, starting with the most crucial ones. (Yes, I know, hours of work!)

More details:
LastPass and others cannot always provide additional information about which website was hacked because what the bad people sold/put out on the web was only an email and password (no site information), which the bad people can use (via bots, not manually) to probe websites or to email you and blackmail/threaten/scare you. (E.g., I have been sent a blackmail email from someone who had only my email and my (old) password and wanted bitcoin. Deleted that immediately.)

Troy Hunt is an extremely good, reliable source of information about the collections of data involved in data breaches.
If you want to read about his examinations of collections 1-5, see this post: https://www.troyhunt.com/the-race-to-the-bottom-of-credential-stuffing-lists-and-collections-2-through-5-and-more/

He has helpfully created a site where you can check which usernames and which passwords were in the data breaches, the 'have i been pwned?' site: https://haveibeenpwned.com/
Again, sometimes the stolen & released data contained username + password or email + password (no specific site) and that's why we get Lastpass saying "collection #2" and so forth. That's all the info we have because that's the info the bad people have.

Hope this helps. Be well everyone.
bsm328
 
Posts: 1
Joined: Sun Apr 19, 2020 5:11 pm

Re: LastPass Sentry Alerts

Postby reticulate19 » Fri May 01, 2020 8:59 am

Thank you that makes perfect sense.
I have been doing that ,but some of the hacked sites no longer exist so I am unable to do anything about them.lol
reticulate19
 
Posts: 4
Joined: Mon Jun 15, 2015 5:45 pm
Location: Maryland


Return to General Support & Troubleshooting

Who is online

Users browsing this forum: Google [Bot], Google Feedfetcher, Majestic-12 [Bot] and 54 guests