The service issued a statement June 15 that he had discovered an intrusion the previous Friday that exposed the email addresses of users, master password encryption information and recall words and users must create sentences for their master passwords. The words of passes themselves are not exposed, and no user accounts have been consulted, but the information available could be used to help attackers break the user accounts, according to cybersecurity expert Brian Krebs . the LastPass users are strongly encouraged to change their master passwords a soon as possible.
What is LastPass do to ensure the safety of the user?
After discovering the breach, immediately LastPass master reset all passwords and also made it so those without two-step verification enabled must verify their identity via email when they try to connect from a new peripheral. The service also contacted law enforcement and security forensic experts. It is unclear at this time how long the intrusion continued, as security experts say could make a huge difference in the number of accounts are vulnerable. Accounts with weak or reused passwords masters are more vulnerable than those who have more complex passwords, and could be the target of attacks by brute force.
What should I do?
The most important thing for LastPass users to change their master password as soon as possible. Because it is the safehold to let other Internet passwords, you should go beyond to make this complex password as possible. A long strong password is recommended - you can follow tips on this blog for a strong password. The longer and more random the better, especially with something as important as the master password for your vault password. Most user passwords are probably safe from this attack, but changing yours and strengthening it is never a bad idea.
He also might be a good idea to use a password manager that are not cloud-based, because invariably those who will be more sensitive to violations that a program that stores locally on your computer or device. Business Insider has uncovered information that LastPass has been the target of hackers for years because of flaws in its security, which makes it potentially much worse hack it seems. LastPass said its cryptographic protections on labor master passwords to make them almost impossible cracking. In addition, all the encryption and decryption happens on your device, which means LastPass never has access to the passwords you store in your safe.
Follow our identity theft protection blog to learn more how you can protect your personal information.