- Sep 9, 2002
Forget changing passwords, you need to change your PW manager. BitWarden FTW.
LastPass Issues Update on Data Breach, But Users Should Still Change PasswordsOn Dec. 22, LastPass CEO Karim Toubba acknowledged in a blog post that a security incident the company first disclosed in August eventually paved the way for an "unauthorized party" to steal customer account information and sensitive vault data. The breach is the latest in a lengthy and troubling string of security incidents involving LastPass, which date back to 2011.
It's also the most alarming.
The unauthorized party was able to gain access to unencrypted customer account information like LastPass usernames, company names, billing addresses, email addresses, phone numbers and IP addresses, according to Toubba. That same unauthorized party was also able to steal customer vault data, which includes unencrypted data like website URLs as well as encrypted data like the usernames and passwords for all the sites that LastPass users have stored in their vaults.