LastPass, the password manager recently announced suspicious activity on its network. While the encrypted user vault data is safe, the company acknowledged that some of the data including email addresses, password reminder and authentication hashes were compromised. While everything now seems to be under control, users are recommended to change their master password as soon as possible.
Password managers are said to be the best way to keep your passwords safe and secure from hackers but what if the vault itself gets compromised. It’s just been a week when a leading security firm Kaspersky was compromised by hackers and now it’s LastPass.
For those who don’t know, LastPass password manager is a leading password manager which employs localized, government-level encryption and local one-way salted hashes to give users a complete security with the go-anywhere convenience of syncing through the cloud. Users here have to remember only their master password and every other password is stored safely in their LastPass account. Sources state that the service currently is serving more than 76 million users.
While the company has already blocked the suspicious activity and everything is under control now, Joe Siegrist, LastPass CEO posted a notice in the official blog urging users to change their master passwords. The team is also notifying the users via personal email.
Siegrist says, “An email is also being sent to all users regarding this security incident. We will also be prompting all users to change their master passwords. You do not need to update your master password until you see our prompt. However, if you have reused your master password on any other website, you should replace the passwords on those other websites”.
As nothing is 100% secure, such security breach can happen to anyone, but it’s good to see that LastPass took the actions immediately and is also notifying the users personally via email.