- Khloé Kardashian angers followers with a calorie-counting joke about True 4 Years Ago
- Spider-Man may no longer be part of the Marvel Cinematic Universe Today 5:28 PM
- Robert De Niro’s company is suing ex-employee for binge-watching Netflix at work Today 4:41 PM
- Intentionally misgendering a character could get you banned from Borderlands 3 Today 4:06 PM
- Facebook pulls Trump re-election ad for targeting ‘strong women’ Today 4:03 PM
- Kamala Harris says she will restore net neutrality if elected Today 3:16 PM
- All 8 of the ‘Rocky’ movies, ranked Today 2:50 PM
- Everything you need to know about the Facebook conservative bias report Today 2:35 PM
- Study links emoji use to more sex Today 2:10 PM
- The chicken sandwich war is in full throttle on Twitter Today 1:47 PM
- Netflix’s ‘Sextuplets’ proves Marlon Wayans is no Eddie Murphy—or even Mike Myers Today 1:31 PM
- Facebook is finally rolling out its clear history tool Today 1:13 PM
- ‘Theater etiquette’ tweets surge after YouTuber cast in ‘Waitress’ Today 12:55 PM
- A GoFundMe for Eric Garner’s killer has raised more than $70,000 Today 12:49 PM
- YouTuber finds GoPro footage of man who drowned in 2017 Today 12:20 PM
LastPass just got hacked, so change your password right now
Better safe than sorry.
In news that will be sure to send users into a panic, popular password manager LastPass has been hacked. The breach was announced by LastPass co-founder and CEO Joe Siegrist on the company’s blog in a post titled “LastPass Security Notice.”
LastPass caught suspicious activity on its network on Friday, which led to an investigation into the activity over the weekend. The company found during the deep dive into the breach that “LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised.”
Any time “passwords” and “hacking” are used in the same sentence, it’s sure to send people into a tizzy. While every hack is worth worrying about, LastPass is reporting no encrypted data has been taken and no LastPass users accounts have been accessed.
The way LastPass authentication works makes these hashes hard to crack if you use a password of even marginal quality. Still, I’m changing.
— SecuriTay (@SwiftOnSecurity) June 15, 2015
If you use LastPass, you need to change your password. Take this opportunity to enable two-factor auth. It will save you lots of pain later.
— Christopher Soghoian (@csoghoian) June 15, 2015
Still, it is strongly recommended LastPass users change their master password. Passwords to other sites are kept under lock and key of encryption and stored privately in a user vault, so those should remain safe. But LastPass is prompting users to reset their master passwords. The service will also require users signing in on a new device to authenticate their account via email or multi-factor authentication if enabled.
LastPass previously suffered a breach in 2011 after discovering oddities in incoming and outgoing network traffic. The company decommissioned the breached servers and recommended users change their master passwords. The request overwhelmed the remaining servers and caused additional troubles. However, no customer data was found to be compromised.
Photo via kev-shine/Flickr (CC BY 2.0)
AJ Dellinger is a seasoned technology writer whose work has appeared in Digital Trends, International Business Times, and Newsweek. In 2018, he joined Gizmodo as the nights and weekend editor.