๐Ÿšจ critical ๐Ÿ” Cryptographic Nightmares

admiralgroup.co.uk

Enterprise LastPass master key leaked to DNS

$ dig TXT admiralgroup.co.uk

;; QUESTION SECTION:

;admiralgroup.co.uk. IN TXT


;; ANSWER SECTION:

admiralgroup.co.uk. 3600 IN TXT "lastpass-JBRtp8B#[REDACTED]"

What Happened

Admiral Group, a FTSE 100 insurance giant, leaked an enterprise LastPass string containing what looks like a master password or shared folder key. The string `lastpass-JBRtp8B#SaQ5t...` was fully readable in global DNS. We've redacted the sensitive portion.

Full TXT Record Value
lastpass-JBRtp8B#[REDACTED]