It is ironic that an online service designed to help keep users’ passwords secure has been made susceptible to a hacker. LastPass is the service, and one of its users had their personal information stolen by a hacker, as per a blog post the company published on Monday. No password details were taken though. There was no indication that LastPass user accounts were opened. What this latest online attack perhaps does reveal though is that anything online is susceptible to being attacked.
With the LastPass program, a user can create an account and store several passwords there. The object is to simply the password process for people who have many of them to remember for different social networks and other online services. Users would simply sign into the password manager to get a list of their passwords for individual online sites or services where they have accounts.
On Monday, LastPass explained they had noted suspicious goings-on within their computer system. Upon investigating these questionable activities, the discovery came that some email addresses, encryption details, and password reminders were stolen. The company then took action to block the hacker.
As per the LastPass blog post, no individual user passwords for their accounts were stolen. However, users are encouraged to change their master password for their account at LastPass, as that is how they access their individual account passwords.
Many experts have already applauded LastPass for announcing the breach publicly rather than trying to hide it. The encryption measures currently in place will protect the “vast majority of users,” as per the company’s blog post, which was written by CEO Joe Siegrist.
Users are warned not to click on links in emails that claim to be from LastPass, as they may be from the malicious person who stole the email address after hacking into the company’s system.