The information provided on this website does not, and is not intended to, act as legal, financial or credit advice; instead, it is for general informational purposes only. Information on this website may not be current. This website may contain links to other third-party websites. Such links are only for the convenience of the reader, user or browser; we do not recommend or endorse the contents of any third-party sites. Readers of this website should contact their attorney, accountant or credit counselor to obtain advice with respect to their particular situation. No reader, user, or browser of this site should act or not act on the basis of information on this site. Always seek personal legal, financial or credit advice for your relevant jurisdiction. Only your individual attorney or advisor can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation. Use of, and access to, this website or any of the links or resources contained within the site do not create an attorney-client or fiduciary relationship between the reader, user, or browser and website owner, authors, contributors, contributing firms, or their respective employers.
Credit.com receives compensation for the financial products and services advertised on this site if our users apply for and sign up for any of them. Compensation is not a factor in the substantive evaluation of any product.
A free service that lets consumers digitally store all their passwords for their various website logins now suspects it was hit by hackers, leaving millions of accounts of all types vulnerable.
Currently, more than 1 million consumers utilize the password manager LastPass, but now the company, fearful that it has been victimized by a targeted hacking scheme, will force its customers to change their master login information, according to a report from The New York Times. Anyone who gained access to a LastPass user’s account would be able to find the unencrypted login data for every site they regularly visit, from email servers and social networks to banking sites.
The service suspects but cannot confirm the attack because of two separate “traffic anomalies” that it could not identify, the report said. One of those included someone “leaving” the company’s database. However, the company will also protect users by ensuring that any attempts to access their personal information are from IP addresses similar to those they’ve used in the past.
Since the extent of the potential breach is unknown, experts recommend that consumers be extra-cautious and change their passwords, especially for sensitive and financial accounts stored with LastPass.
More from Identity Theft 911:
October 19, 2023
Identity Theft and Scams
May 17, 2022
Identity Theft and Scams
May 20, 2021
Identity Theft and Scams