Xmarks bookmark sync passwords safe, says LastPass
'Different network, different databases' from one possibly hacked, claims CEO
Computerworld - LastPass said Thursday that hackers did not obtain passwords linked to Xmarks, the browser synchronization service the company acquired last December.
Earlier in the day, LastPass forced customers to reset their master passwords after detecting a "traffic anomaly" that may have been a hacker intrusion.
But Xmarks passwords were not affected, and users of the browser plug-in -- available for Internet Explorer, Firefox, Chrome and Safari -- were not required to come up with a new password.
"Xmarks users are not impacted that we can see," said LastPass CEO Joe Siegrist in an email reply to questions Thursday. "Different machines, networks, databases."
LastPass, an online password management company that bills its free and for-pay service as "The Last Password You'll Have to Remember," acquired Xmarks late last year.
Before selling to LastPass for an undisclosed sum, Xmarks, which synchronizes browser bookmarks across multiple computers, browsers and operating systems, was ready to pull the plug on its service. In September 2010, Xmarks said it could no longer compete with the sync services built into Chrome and Firefox.
Later, Xmarks ran a pledge drive that asked users to promise to pay $10 annually for the service.
In an interview late Thursday with PCworld -- like Computerworld, an IDG publication -- Siegrist said that at the worst, the danger to LastPass users was "a one in a million kind of a risk."
Read more about Application Security in Computerworld's Application Security Topic Center.
- The DDoS Threat Spectrum Bolstered by favorable economics, today's global botnets are using distributed denial-of-service (DDoS) attacks to target firewalls, web services, and applications, often simultaneously.
- How to Keep Company Assets Secure with Federated Identity and Access Management This Technology Spotlight discusses the growing need for security in today's cloud-based, mobile world of IT, and the rise of SaaS-based solutions.
- Security, Privacy and Trust in Email Management This white paper discusses a SaaS-based email management solution that delivers the security, continuity and archiving capabilities your organization demands.
- Unifying Secuirty Operations Agile enterprises know that the way to quickly identify and react to threats to the business is to break down operational siloes by...
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their... All Application Security White Papers | Webcasts