LastPass has been hacked, so change the password's password

LastPass has been hacked, so change the password's password

If you use LastPass - a program that manages numerous passwords for a single user - then you had best change the master password that you use for it immediately. It was announced yesterday that "suspicious activity" had been detected on the main servers for the program, and while "no evidence that encrypted user vault data was taken, nor that LastPass user accounts were accessed," CEO Joe Siegrist did admit that "LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised."

Because of the intrusion, LastPass will require those without a multifactor authenticator to verify their account by email, but more importantly they are advising all users to change their master password for the program. "Security and privacy are our top concerns here at LastPass," Siegrist continued. "Over the years, we have been and continue to be dedicated to transparency and proactive measures to protect our users. In addition to the above steps, we’re working with the authorities and security forensic experts." He goes on to apologise for the inconvenience before promising better protection in the future. You can read the full statement by heading over to the LastPass website, but if you're a LastPass user you should go and change your master password immediately.

Add a comment

You don't need an account to comment. Just enter your email address. We'll keep it private.