Skip to main content

LastPass Falls To The Hacking Community

By June 16, 2015March 7th, 2023Blog, Cybersecurity

fignerprint-257037-300x225It seems that no security company is safe from hackers as LastPass finds itself among the recent high profile hacks.

If you’re not sure what LastPass is, it’s a secure password service. You generate a Master Password, and use it to securely store all your other passwords. It’s convenient, because it leaves you only having to remember just one password.

What Was Taken

The hackers were able to make off with the email addresses of everyone who uses the service, along with password reminders, authentication hashes and server per user salts. Of these, the most troubling are the authentication hashes, as this is what LastPass uses to determine that you’re you, and have permission to access your account.

According to the company’s blog, even with the authentication hashes in hand, it would be virtually impossible for a hacker to actually breach your account and get into your password safe. That is of some comfort, but of course, the company was supposed to be essentially unhackable to begin with, so take that with a grain of salt.

What You Should Do

About the only thing that’s absolutely required is to change your Master Password. That way, if LastPass is wrong about the hackers not being able to use the authentication hashes to break into your password safe, they’ll be using the wrong password – it will render the hashes irrelevant.

As an added security precaution, the company has locked accounts down, so that if you’re not accessing your account from a trusted IP address you’ve used before, you’ll also have to take the step of verifying your email. According to the company’s website, the data that the hackers got shouldn’t put your other passwords at risk, but you’ll definitely want to change your Master Password. No further action should be required, but if it is, you’ll be getting detailed instructions from LastPass.

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.