- Anti-impeachment protesters aimlessly fumble through halls of Congress 5 Years Ago
- Everything we know so far about the Xbox Series X Today 12:17 PM
- ASMR YouTuber Life with MaK says she was branded a ‘Nazi’ by online smear campaign Today 10:46 AM
- Voters duped by fake ex-Bloomberg intern’s tweet about being fired Today 9:47 AM
- HBO’s ‘Watchmen’ and the fantasy of competence Today 8:00 AM
- Cómo ver Kamaru Usman vs. Colby Covington en el UFC 245 Today 7:00 AM
- ‘Penis fish’ memes erupt after worms wash up on California coast Friday 5:58 PM
- Why Britons are tweeting ‘Little England’ in wake of the U.K. election Friday 3:22 PM
- Net neutrality advocates ask for rehearing on federal court decision Friday 2:29 PM
- Americans are sharing their #PrivateHealthLIFEhacks to help Brits Friday 2:28 PM
- Warren, Sanders, Yang pledge to skip next week’s debate over union dispute Friday 2:12 PM
- How to watch tonight’s Nets vs. Raptors matchup on NBA TV Friday 2:00 PM
- Alt-right comedian Owen Benjamin banned from Instagram over anti-Semitic memes Friday 1:55 PM
- TikTok teens are procrastinating with #FinalsWeek Friday 1:46 PM
- ‘The Mandalorian’ takes on a prison break in episode 6 Friday 1:30 PM
LastPass just got hacked, so change your password right now
Better safe than sorry.
In news that will be sure to send users into a panic, popular password manager LastPass has been hacked. The breach was announced by LastPass co-founder and CEO Joe Siegrist on the company’s blog in a post titled “LastPass Security Notice.”
LastPass caught suspicious activity on its network on Friday, which led to an investigation into the activity over the weekend. The company found during the deep dive into the breach that “LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised.”
Any time “passwords” and “hacking” are used in the same sentence, it’s sure to send people into a tizzy. While every hack is worth worrying about, LastPass is reporting no encrypted data has been taken and no LastPass users accounts have been accessed.
The way LastPass authentication works makes these hashes hard to crack if you use a password of even marginal quality. Still, I’m changing.
— SecuriTay (@SwiftOnSecurity) June 15, 2015
If you use LastPass, you need to change your password. Take this opportunity to enable two-factor auth. It will save you lots of pain later.
— Christopher Soghoian (@csoghoian) June 15, 2015
Still, it is strongly recommended LastPass users change their master password. Passwords to other sites are kept under lock and key of encryption and stored privately in a user vault, so those should remain safe. But LastPass is prompting users to reset their master passwords. The service will also require users signing in on a new device to authenticate their account via email or multi-factor authentication if enabled.
LastPass previously suffered a breach in 2011 after discovering oddities in incoming and outgoing network traffic. The company decommissioned the breached servers and recommended users change their master passwords. The request overwhelmed the remaining servers and caused additional troubles. However, no customer data was found to be compromised.
Photo via kev-shine/Flickr (CC BY 2.0)
AJ Dellinger is a seasoned technology writer whose work has appeared in Digital Trends, International Business Times, and Newsweek. In 2018, he joined Gizmodo as the nights and weekend editor.