One Password to Steal Them All, apparently.
Today, the maker of the popular password encryption and storage utility, LastPass has gone on record to announce that it has been hacked. Suspicious activity was confirmed this past Friday, but it took the company's team until today to confirm that it was, indeed, hacked and customer data has been stolen.
On the company's blog, LastPass confirms that its investigation has shown that email addresses, password reminders, server per user salts, and authentication hashes were compromised.
If you have a weak master password or if you have reused your master password on any other website, please update it immediately. Then replace the passwords on those other websites. Because encrypted user data was not taken, you do not need to change your passwords on sites stored in your LastPass vault. As always, we also recommend enabling multifactor authentication for added protection for your LastPass account.