Yesterday, LastPass, a popular password management service, experienced an almost 12-hour outage, leaving its users locked out of their accounts. The company attributed the outage to a faulty update to its Google Chrome extension.
The outage began around 1 PM ET, with users suddenly unable to access their password vaults or log into their accounts. Instead, they were met with “404 Not Found” errors, indicating non-existent pages. The impact was immediate and widespread, with LastPass customers expressing their frustration on platforms like Reddit and Twitter.
One user on Reddit stated, “Even their offline login doesn’t work. I’m shifting my family over to 1Password.” Another user lamented the lack of contingencies in LastPass’s infrastructure, saying, “I am essentially locked out of all the websites I use until they fix this.”
By approximately 8 PM ET, LastPass announced that they had resolved the issue. They explained that the problematic update to the Chrome extension had put excessive stress on their servers. “Our engineers have identified that an update to our chrome browser extension earlier today inadvertently caused load issues on our backend infrastructure,” read the LastPass status page.
Despite assurances that the performance was now stable and operational, users continued to report issues into the next day. Some users found that they were still unable to log into LastPass, or certain features didn’t work, suggesting that the outage had a longer-lasting impact than initially stated.
One user review on the Chrome web store read, “Won’t work in Chrome since the last update. I can access my vault, but cannot launch any of the sites I have in it. Clicking the ‘Launch’ button does nothing!!”
While it remains unclear what specific changes were made to the Chrome extension, the fact that it affected the company’s online services suggests that the extension was generating too many requests, effectively causing a DDoS attack on the platform.
In a statement about the outage, LastPass said, “LastPass customers may be experiencing login issues and product latency due to an update to our Chrome browser extension earlier today which inadvertently caused load issues on our backend infrastructure. The LastPass engineering team is actively working diligently to resolve these issues as quickly as possible.”
This incident serves as a stark reminder of the dependency users have on such services and the need for robust contingency plans. As we continue to entrust our digital lives to third-party services, it’s crucial that these services are equipped to handle unexpected issues swiftly and efficiently.
You may also like:- Netcat and Its Practical Use Cases
- How to Use Shell Scripting for Penetration Testing
- How to Use Security Testing Tools for CISSP Exam
- How to Use Kali Linux for OSINT Automation
- Top Cybersecurity Certifications That Will Be in Demand in 2030
- Top 4 Best Cybersecurity Certifications That Lead to Six-Figure Salaries
- How to Use CISSP Certification to Advance Your Career Long-Term
- 37 Key Checks for Effective Bug Bounty Hunting
- CISSP Exam Format Explained – What to Expect on Test Day
- The OWASP Top 10 – What CISSP Candidates Must Know
