Submitted by CrankyBear t3_11ehnrr in technology
goatAlmighty t1_jaeg6in wrote
Reply to comment by LioydJour in LastPass Says DevOps Engineer Home Computer Hacked by CrankyBear
I read that it happened at home, but that doesn't make anything better, imho. For something important like that, there should be a dedicated machine that is used for nothing else.
And if the employee really used the same password twice, given the company they work for, that would be unbelievably stupid.
LioydJour t1_jaekbgg wrote
The key logger was on the employee’s personal non work issued computer. Not their work station. What location it happened in is irrelevant here because you can work remotely and the expectation is your work device is just as secure as it would be on site. Nothing happened on their workstation.
They gained access to the employees master password when the employee was using their personal device and that gave them access to the employees corporate vault. That’s where it’s odd because why would they allow their employees to share their personal and work vaults. Don’t quite yet understand that link. They should be two separate accounts and two different vaults.
Viewing a single comment thread. View all comments