LastPass is a popular password manager service that allows users to store their login credentials for various online accounts in a secure vault. In 2015, LastPass disclosed a security breach that resulted in the theft of user email addresses, password reminders, and encrypted master passwords.
According to LastPass, the company detected suspicious activity on their network on June 12, 2015, and immediately took steps to block the attack. However, the attackers were able to compromise one of LastPass’s databases containing user information, including email addresses, password reminders, and encrypted master passwords.
Fortunately, the attackers did not gain access to the decrypted user passwords. LastPass uses advanced encryption algorithms to protect user data, and the master password is the only way to decrypt it. However, the company advised all users to change their master passwords as a precautionary measure.
LastPass also recommended that users enable two-factor authentication to add an extra layer of security to their accounts. Additionally, the company said it had implemented additional security measures to prevent similar attacks from happening in the future.
Overall, the LastPass breach was a reminder of the importance of using strong, unique passwords for each online account, as well as the benefits of using a password manager to securely store and manage those passwords.