Is LastPass Password Manager Hacked? Users Reveal Possible Compromise, 3 Ways to Protect Your Password

LastPass Password Manager Admits it Had a Data Breach — Should You Change Your Passwords?
LONDON, ENGLAND - AUGUST 09: In this photo illustration, the logo for online password manager service "LastPass" is reflected on the internal discs of a hard drive on August 09, 2017 in London, England. With so many aspects of life requiring passwords and login information, password managers are becoming increasingly popular among consumers and businesses. Leon Neal/Getty Images

The free and popular password manager LastPass might be compromised. Its members reported multiple attempted logins by malicious actors who used the correct LastPass master password.

Members are advised to enable two-factor authentication to secure their accounts.

LastPass is popularly known as a reliable password manager and web browser extension. Its service also extends to smartphones via an app. Unfortunately, its good reputation is now being tested after members reported concerning issues about its interface.

LastPass Master Password: Hack Reports

One LastPass user asked in Hacker News if their account was already compromised. The user said "LastPass blocked a login attempt from Brazil (it wasn't me). According to an email I received from LastPass, this login was using the LastPass account's master password. The email doesn't look like it's a phishing attempt."

Many in the thread's comment section shared the sentiment. Notably, a majority of reports come from users with outdated LastPass accounts. These members grew concern that LastPass might already be compromised and a few passwords have leaked out.

Is LastPass Hacked: Representatives Say No

When asked for a comment, LastPass spokesperson Meghan Larson told Apple Insider that the company was not breached. Instead, cybercriminals are utilizing a strategy called "credential stuffing" where they attempt to access user account using information from third-party breaches.

The sentiment implies the cyberattacks that happened earlier this year. Some events to note are:

Any user who has fallen victim to these attacks might have their accounts and passwords exposed during the breach. Cybercriminals are reportedly using this information to hack into their accounts, which LastPass promptly detected.

Notably, LastPass did a good job of blocking these suspicious logins. However, it is undetermined how many users are affected by this type of issue.

Meghan told How-To Geek that "it's important to note that we do not have any indication that accounts were successfully accessed or that the LastPass service was otherwise compromised by an unauthorized party." The situation is still progressing, and the company is still investigating whether or not a breach happened in their system.

How to Secure LastPass Master Password

Regardless, the issue cause an alarm to many users. To avoid falling victim to these attacks, users are recommended to secure their accounts as soon as possible. They can do this by following the steps provided below:

  • Enable two-factor authentication: This ensures that only the user with the smartphone can access the account.
  • Change account passwords regularly: It should be emphasized that users should never share the same password for different accounts or different websites.
  • Strengthen account passwords: Users are advised to make a strong password by taking advantage of numbers, special characters, uppercase and lowercase letters in the code.

Related Article: Telegram Malware Steals Crypto Wallets, Other Credentials: Warning Signs of Elcheron Malware, How to Avoid

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost

Real Time Analytics