- Game developer Chucklefish accused of whitewashing characters of color Monday 5:22 PM
- Apple TV’s ‘Hala’ is a silent explosion of a coming-of-age film Monday 5:20 PM
- This new video game apparently lets you play Jesus Monday 4:02 PM
- Golden toilet creator sells world’s most expensive banana—only for another artist to eat it Monday 3:24 PM
- This new Chinese video game lets players attack Hong Kong protesters Monday 3:05 PM
- These TikTok videos that recreate NPC interactions from Skyrim are honestly incredible Monday 2:40 PM
- John Legend defends pro-consent ‘Baby It’s Cold Outside’ lyrics Monday 2:38 PM
- Video shows UC Berkeley student using racial slurs, making homophobic comments Monday 2:36 PM
- New video reveals Brother Nature instigated sandwich shop fight Monday 2:06 PM
- Lizzo’s thong dress breaks the internet Monday 1:25 PM
- Pixel Buds 2 or Apple AirPods 2: Which are right for you? Monday 1:09 PM
- It’s 2019: Make your holiday cards online, for free this year Monday 12:47 PM
- Fighting over the ‘Marriage Story’ fight scene becomes a meme Monday 12:41 PM
- ‘Trump is innocent!’: InfoWars correspondent interrupts impeachment hearing Monday 12:12 PM
- Video shows runner smacking reporter’s butt on live TV Monday 11:46 AM
LastPass just got hacked, so change your password right now
Better safe than sorry.
In news that will be sure to send users into a panic, popular password manager LastPass has been hacked. The breach was announced by LastPass co-founder and CEO Joe Siegrist on the company’s blog in a post titled “LastPass Security Notice.”
LastPass caught suspicious activity on its network on Friday, which led to an investigation into the activity over the weekend. The company found during the deep dive into the breach that “LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised.”
Any time “passwords” and “hacking” are used in the same sentence, it’s sure to send people into a tizzy. While every hack is worth worrying about, LastPass is reporting no encrypted data has been taken and no LastPass users accounts have been accessed.
The way LastPass authentication works makes these hashes hard to crack if you use a password of even marginal quality. Still, I’m changing.
— SecuriTay (@SwiftOnSecurity) June 15, 2015
If you use LastPass, you need to change your password. Take this opportunity to enable two-factor auth. It will save you lots of pain later.
— Christopher Soghoian (@csoghoian) June 15, 2015
Still, it is strongly recommended LastPass users change their master password. Passwords to other sites are kept under lock and key of encryption and stored privately in a user vault, so those should remain safe. But LastPass is prompting users to reset their master passwords. The service will also require users signing in on a new device to authenticate their account via email or multi-factor authentication if enabled.
LastPass previously suffered a breach in 2011 after discovering oddities in incoming and outgoing network traffic. The company decommissioned the breached servers and recommended users change their master passwords. The request overwhelmed the remaining servers and caused additional troubles. However, no customer data was found to be compromised.
Photo via kev-shine/Flickr (CC BY 2.0)
AJ Dellinger is a seasoned technology writer whose work has appeared in Digital Trends, International Business Times, and Newsweek. In 2018, he joined Gizmodo as the nights and weekend editor.