loader image
Using different passwords on every website and storing them in a secure password manager is a standard best practice in data security. It’s generally good advice, but what happens when the makers of password vaults get hacked?

That’s what the more than twenty-five million users of LastPass are now finding out. LastPass is one of the largest password vaults in the world, and unfortunately, that makes it a tempting target for hackers everywhere. On August 25, 2022, LastPass’ CEO Karim Toubba announced that “an unauthorized third party had stolen portions of the source code and some proprietary LastPass technical information.”

The breach appears to have been confined to the company’s development servers when a developer’s account was compromised. The good news for LastPass customers takes two forms. First is that the development servers did not contain any customer data. Second, LastPass employs “zero knowledge” architecture, meaning that even though it stores your passwords, no one can access your information without your master password.

LastPass stated that the breach had no effect on the master passwords of its users and said that there is no evidence of any more criminal activity. Therefore, there is currently no action that is necessary from those who use their service.

While an investigation into the incident continues, the company said that it has installed new preventative measures and that it has retained the assistance of industry-leading cybersecurity and forensics firm.

FREE Report

The Portland Metro Area Guide to IT Support Services and Fees

What you should expect to pay for its support for your small business (and how to get exactly what you need without unnecessary extras, hidden fees, and bloated contracts)

Name(Required)
This field is for validation purposes and should be left unchanged.