Skip to main content

LastPass suspects a breach, meaning it’s time for a password change

lock, computing, security
Pixabay
LastPass, the password management service, posted an update on June 15 to its blog noting that there had been “suspicious activity” on its website. The company stated, however, that its encryption measures have kept all of its users’ data safe.

“LastPass strengthens the authentication hash with a random salt and 100,000 rounds of server-side PBKDF2-SHA256, in addition to the rounds performed client-side,” wrote LastPass CEO and Founder Joe Siergrist. “This additional strengthening makes it difficult to attack the stolen hashes with any significant speed.”

Recommended Videos

As a result of the suspected breach, LastPass says it’s requiring all of its users who are logging in from a new device or IP address to verify their email, unless a multifactor authentication is enabled. LastPass is also asking everyone to update their master password, which could be a downer if you already committed your old one to memory.

Please enable Javascript to view this content

And to make sure everyone is up to speed, LastPass is emailing all of its customers about the breach. Now, it appears that the website is handling a large wave of customers attempting to keep their data secure, according to TechSpot.

As of late Monday afternoon, a server overload message has been popping up when you attempt to change your master password. This doesn’t mean you should give up on taking LastPass’ advice, however, especially if it turns out the breach is worse than expected.

“We apologize for the extra steps of verifying your account and updating your master password, but ultimately believe this will provide you better protection,” Siergrist continued.

LastPass, which is headquartered in Virginia, does business in 71 countries around the world. In addition to encrypting passwords, LastPass encrypts and decrypts information locally before syncing it. This allows you to keep your sensitive data on your device.

“Security and privacy are our top concerns here at LastPass,” said Siergrist, reassuring customers following the breach.

Krystle Vermes
Former Digital Trends Contributor
Krystle Vermes is a professional writer, blogger and podcaster with a background in both online and print journalism. Her…
No, 1Password wasn’t hacked – here’s what really happened
A person using the 1Password password manager on a laptop while sat on a couch.

Password managers have been struggling with security breaches in recent months, with LastPass suffering a particularly bad hack as a notable example. So when 1Password users got an alert last week saying their Secret Keys and passwords had been changed without their knowledge, they were understandably panicked. Luckily, all was not what it seemed.

That’s because AgileBits, the company behind 1Password, has just explained exactly what went wrong during that event. And while it wasn’t as bad as everyone first thought, it still doesn’t paint AgileBits in a particularly good light.

Read more
Apple’s Mac shipments dived more than 40% last quarter
The MacBook Pro on a wooden table.

Apple saw a big drop in Mac shipments in the first quarter of 2023 compared to the same quarter a year earlier, according to data from research firm IDC.

The Cupertino, California-based tech giant shipped 4.1 million laptops and desktops during the last quarter, compared to 6.9 million in the same period 12 months ago, marking a sizable 40.5% decline.

Read more
No, The Last of Us PC requirements aren’t changing
Ellie looking concerned.

Sony Interactive Entertainment (SIE) released an updated PC requirement chart for The Last of Us Part One on Monday, clarifying the system requirements players will need if they want to play the game when it launches on March 28. Some reports claim that the PC requirements have been downgraded, but they haven't; if anything, the port calls for a slightly more powerful system.

The original PC requirements (below) called for a Radeon RX 5800 XT at the Recommended tier, which is to run the game at 1080p with 60 frames per second (fps). The updated requirements call for an RX 5700 XT instead. That sounds like a downgrade, but AMD never released an RX 5800 XT -- it was a typo. You don't need to look further than the next GPU recommendation to see that, which is an AMD "Radeom" RX 6600 XT. The updated requirements have fixed that typo, as well.

Read more