If you have a password management account with LastPass, you may want to change your master password. The company says that it found and blocked suspicious activity from a security breach on Friday in an announcement given on Monday. According to the company, the hackers did access users’ email addresses and other information, but were not able to get into the accounts where the passwords are stored. Chief Executive Joe Siegrist stated that the company is “confident that our encryption measures are sufficient to protect the vast majority of users.”
LastPass is still investigating to determine when the breach occurred. The good news is that LastPass does not actually store that many usernames and passwords on its own servers. It instead uses encryption to disguise passwords and software that only allows them to be read on the individual users’ web browsers.
However, it may still be wise to change the master passwords, since the hackers got not only the usernames but also the password clues. If a user has an obvious clue and an easy-to-guess password, then that user might still be vulnerable. Siegrist advises that any user who has a weak master password or a password that has been used on other sites should update the master password and change the passwords on other sites where they are used.
LastPass is not the only company that has had this problem recently. Major cybersecurity company Kaspersky Lab announced just last week that it, too, had been hacked. The Russian-based company is one of the most well-known and biggest cybersecurity research labs in the world. It announced on June 10 that it had been hacked. Founder and CEO Eugene Kaspersky wrote in a blog, “We discovered an advanced attack on our own internal networks. It was complex, stealthy, it exploded several zero-day vulnerabilities, and we’re quite confident that there’s a nation state behind it.” However, the company claims that none of its services have been compromised.
For more information or to ask about our services, including our security services, contact Enstep Technologies today!