If you are a LastPass user, you should now worry. Password manager company LastPass has now confirmed that hackers stole its customers’ encrypted password vaults where it stores customers’ passwords and other secrets.
LastPass CEO Karim Toubba has updated the existing blog post about the data breach that happened a few months ago. In the updated blog post, he confirmed that hackers took a copy of a backup of customer vault data using the keys stolen from a LastPass employee.
The company has still not confirmed how many users are impacted by this data breach.
Read: LastPass keyboard shortcuts for Windows and Mac
The company claims that password vaults are encrypted and can only be accessed using the master password that is known only to customers. Hackers may try to brute force the master password for decrypting the copies of vault data. So, customers should change the LastPass master password to a new and hard-to-guess phrase.
The best thing you can do is to change all the passwords you kept in your LastPass Vault. Start with the most critical accounts such as banking passwords and social media accounts.
Hackers may also send emails to customers claiming to be from LastPass for asking personal information. Take extra precautions when you receive such emails.
Also see: Best Free Alternatives to LastPass Password Manager
