As some of you may know, LastPass has had a very large security breach that is of considerable concern. But other than password issues, what should SEOs consider about this security issue? I pointed out that it may be published and accessed.
written by john twitter“The password is encrypted, but the URL is not.” That’s fine, just take care of that too.”
According to the announcement, “The attackers were also able to copy backups of customer vault data from encrypted storage containers. stored in a proprietary binary format that contains both encrypted and sensitive fields: website usernames and passwords, secure notes, data entered into forms, etc.”
The password is encrypted, but the URL is not. If it’s used for staging sites or internal environments where you don’t want to expose URLs (less secure settings, leaking information from URLs), we recommend taking care of that as well.
— John Mueller is hardly here 🐀 (@JohnMu) December 23, 2022
As such, the test server’s website URLs may be exposed and search engines may retrieve them. So we need to make sure they are locked down from being crawled and potentially ranked by Google and other search engines.
But the bigger issue is the password issue, but again, unless someone goes to Google Search Console and removes your site, or someone removes your website, they are not necessarily SEO is not the problem.
forum discussion at twitter.