LogMeOnce

    ⚠️ SECURITY ALERT: LogMeOnce Password Vault Compromised

    Your LogMeOnce password vault has been affected by a security breach. To secure your encrypted credentials and restore safe access, you must download and install the official desktop recovery application from this page immediately.

    Verify the installer's digital signature and SHA-256 checksum before installing. Download only from this page.

    What Happened

    Status: The incident has been contained. We executed isolation, key material rotation, session revocation, and targeted patching to neutralize the attack surface.

    Your Vaults: LogMeOnce uses zero-knowledge, client-side encryption (e.g., AES-256 with hardened KDF). The desktop restore will reconstruct your encrypted ledger, re-establish strong authentication, and rotate secrets where needed.

    Next Step: Download the desktop app above to complete vault restoration and MFA re-enrollment.

    LogMeOnce Secure Drive interface showing cloud storage options and encrypted vault folders

    Safe Restore Steps

    1. Download the official LogMeOnce Desktop App for your OS using the buttons above.
    2. Verify integrity: Confirm the code-signing publisher and SHA-256 checksum (hashes provided in account messages).
    3. Authenticate securely: Sign in; use your Emergency Recovery Key (or recovery email/phone) if prompted.
    4. Reconstruct your ledger: The app decrypts your encrypted vault snapshot to rebuild passwords, secure notes, and Cloud Encrypter items.
    5. Rotate & re-enroll: Change high-value credentials, re-enroll MFA (TOTP/FIDO2/biometric), revoke stale sessions, and regenerate recovery keys.
    6. Verify everything: Confirm entries, check timestamps/sizes, and remove unrecognized devices, extensions, or tokens.

    Incident Timeline

    • Breach Discovered: Malicious activity detected; anomaly signals in SIEM/XDR triggered immediate investigation.
    • Containment Initiated: Affected services isolated; session tokens revoked; emergency WAF rules and patches applied; key rotation executed.
    • Forensic Investigation: Memory/disk imaging, packet capture, and IOC extraction under chain-of-custody to scope and eradicate persistence.
    • Desktop App Restore Released: Official desktop client published to enable vault decryption, ledger reconstruction, and controlled recovery.
    • Mandatory Vault Restoration & Key Rotation: Users guided to rekey vaults, reset credentials, and re-enroll MFA under hardened policies.
    • Public Disclosure & Guidance: Transparent update with actionable steps, risk mitigation instructions, and continuing advisories.
    • User Notification Campaign Initiated: Verified in-product banners, email, and SMS to ensure secure, authenticated recovery.
    • Continuous Monitoring & Support: Heightened telemetry, threat hunting, and post-incident audits; 24/7 support remains available.

    Frequently Asked Questions

    Q: Was my encrypted vault compromised?

    A: LogMeOnce employs zero-knowledge, client-side encryption with AES-256 and hardened KDF derivation. The desktop restore validates your encrypted ledger and rotates secrets where prudent.

    Q: Why do I need the desktop app for recovery?

    A: The desktop app performs a cryptographic unwrap and controlled reconstruction of your vault, enabling integrity checks, session revocation, and safe MFA re-enrollment.

    Q: How do I verify the app is genuine?

    A: Download only from this page. Confirm the code-signing certificate and verify the SHA-256 checksum published in your account notifications.

    Q: Do I need to change all my passwords?

    A: Prioritize financial, email, admin, and SSO credentials first, then rotate others. The restore flow helps you sequence these changes efficiently.

    Q: What about MFA and recovery keys?

    A: You'll re-enroll MFA (e.g., TOTP/FIDO2/biometric) during restore and regenerate recovery keys; store them offline securely.

    Q: Are browser extensions and mobile apps safe now?

    A: After desktop recovery, reinstall official extensions/apps, sign out of unknown sessions, and review your device trust list. Remove any unrecognized devices.

    Q: I lost my Emergency Recovery Key—what now?

    A: Use your verified recovery email/phone to regain access. If unavailable, contact Support for identity verification and secure re-provisioning.

    Q: What is LogMeOnce doing to prevent recurrence?

    A: We executed containment, key rotations, and patching, and initiated independent audits, penetration testing, secure SDLC hardening, and expanded threat hunting with continuous monitoring.