Skip to main content

Passwordstate users told to reset passwords following security breach

Scammers
(Image credit: Pixabay)

Users of enterprise password management platform Passwordstate have been warned to reset all the passwords contained within the tool.

Developer Click Studios has issued a warning confirming that attackers managed to compromise a patch for the Passwordstate platform. As users installed the patch, they were also unwittingly installing password-stealing malware which sent sensitive information back to its command & control server.

The campaign was allegedly active between April 20-22, and while Click Studios claims the servers have been knocked offline, criminals could still use the stolen data, should they bring the server back online.

The company did not elaborate on exactly how the criminals managed to breach their systems and compromise the patching feature, but they did email their customers with a cybersecurity fix.

While Click Studios said the number of affected organizations was relatively low, it still urged everyone to change their credentials as soon as possible. This could prove difficult however, as most of its clients are organizations that also store firewall and VPN passwords in the software.

Passwordstate

Password managers are small tools, usually embedded within browsers, that store login credentials for users. That way, they don’t have to put their organizations at risk by using the same credentials across different services, writing down passwords on pieces of paper or on their computer, or by setting weak passwords that are easy to remember. 

They can also be used to create strong passwords and to force users to update their passwords regularly. 

According to TechCrunch, Click Studios’ Passwordstate is currently used by more than 29,000 customers, including Fortune 500 organizations, various government institutions, banks, defense and aerospace organizations, and “most major industries”.

The affected customers were notified in a timely manner, but the media only picked up on it a few hours later, when a cybersecurity firm CSIS Group detailed the attack in a blog post.

Click Studios is yet to comment on the breach, but has been contacted for comment.

Via: TechCrunch