This is why it’s not a good idea to use password-storing services like LastPass


Looks like there was a breach in the LastPass service. While it’s not a complete disaster, it should give everyone a good signal that it’s really not a good idea (IMO) to use cloud-based password-storing systems.

If I was using LastPass, I would be deleting my account and all its data immediately.

We want to notify our community that on Friday, our team discovered and blocked suspicious activity on our network. In our investigation, we have found no evidence that encrypted user vault data was taken, nor that LastPass user accounts were accessed. The investigation has shown, however, that LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised.

Source: LastPass Security Notice | The LastPass Blog