According to a new blog post from LastPass, some suspicious network activity was noticed Friday, which prompted them to block that activity. LastPass says a “vast majority” of users are safe.
While the activity was quickly noticed and blocked, LastPass writes “in our investigation, we have found no evidence that encrypted user vault data was taken, nor that LastPass user accounts were accessed. The investigation has shown, however, that LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised.”
LastPass goes on to note that any users who may have a weak master password should change theirs quickly, and it will notify any users who may have been compromised via email. Users who log in via a new device or IP address will be asked to verify their account via email unless they have multifactor authentication activated.
Even if you weren’t compromised, this serves as a good reminder that keeping your passwords fresh is always a good idea.
➤ LastPass security notice [LastPass]
from The Next Web http://ift.tt/1GIwyH5
via IFTTT
0 Kommentare:
Kommentar veröffentlichen