LastPass Hacked

June 15, 2015—Joe Siegrist, CEO and co-founder of popular password manager LastPass, notified clients of a breach in their network where “LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised.” This announcement was made in the company blog. In the same post, Siegrist assured customers that there is no evidence that the attackers accessed user accounts and encrypted user vault data.

Ars Techinca reports that this is the second breach notification from LastPass in the last four years.

As a result of this attack, LastPass now requires all users logging in from new devices or IP addresses for the first time to verify their account via email. Those who have multi-factor authentication enabled are exempted from this extra step. LastPass is also encouraging its clients to change their master password as added precaution. They will be prompted to do this update when they access LastPass.

For more information on the breach and what steps to take, go HERE.

See our Knowledgebase for trending How-To articles.

Comments are closed.