LastPass Data Breach
LastPass Data Breach
Password security website LastPass has suffered a data breach. Hackers have stolen the email addresses and password reminders belonging to thousands of users. If you are a LastPass user, your personal information may have been stolen. Please contact us using the form on this page or call us at 213-212-2202. You may be part of a class action lawsuit.
Background
On June 15, 2015 a LastPass investigation team revealed that the company discovered that it has suffered a data breach. Hackers have broken into LastPass databases and have compromised user email addresses, password reminders, and other password data. LastPass CEO Joe Siegrist said that the company has “found no evidence that encrypted user vault data was taken, nor that LastPass user accounts were accessed.” However, although the company has not found evidence of any theft of encrypted data, the possibility exists that the hackers were able to steal the data and cover up their tracks.
LastPass is a password management service that centralizes user password management onto company-run servers. LastPass offers a number of free services but offers additional functionality for premium users. In addition to its services for individuals, the company provides password management for more than 13,000 businesses.
The company’s own password strengthening algorithm makes a user’s LastPass password harder to break. However, it does not make it impossible to overcome. The LastPass algorithm depends on the strength of the password that the user created. Weak passwords are things like names or common English words. To strengthen user passwords, people should include numbers or non-alphabetical characters like the exclamation point (!) when they create their passwords.
Data Breach
A data breach occurs when an unauthorized person views, accesses, or retrieves protected or confidential data belonging to another. A common type of data breach is when computer hackers steal information. These are the kinds of incidents you might hear of on the news. Typically, a hacker or group of hackers will target an organization for its access to a person’s personal health information, personal identity information, financial information, trade secrets, or intellectual property.
Potential Class Action
It has been confirmed that LastPass user emails and password reminders have been compromised. Even if the thieves did not steal encrypted user data, they stole the means to access encrypted user data. These days criminals can easily build machines capable of computing tens of millions of possible password hashes per second for each username or email address. With time, a dedicated hacker can infiltrate secured networks using a bare minimum of identification information. If the hackers from the LastPass breach get to the protected data, the stored information of thousands of LastPass client businesses will be vulnerable.
If you are a LastPass user, your personal information may have been stolen. Please contact us using the form on this page or call The Class Action News at 213-212-2202. You may be part of a class action lawsuit.