Not too long ago, LastPass confirmed that they had suffered a data breach which led to a hack stealing the information of its customers and users. Now in an update to the incident, LastPass has confirmed our worst fears that the password vaults of its users were amongst the things that were stolen.
For those unfamiliar, LastPass is a password manager where users store the passwords to websites and services inside of an encrypted “vault”. This is basically where all their passwords are kept, which means that a hacker stealing it could easily gain access to information like your banking passwords, passwords for your social media accounts, your Google/Apple accounts, and more.
While this sounds bad, and it is bad, LastPass claims that the vaults are encrypted and can only be unlocked using your master password. Assuming you don’t reuse your master password, you should be safe, but at the same time, LastPass is also warning that the hackers could still attempt to brute force their way into your vault, so depending on how complex your master password is, they may or may not eventually break in.
In the meantime, if you are so inclined, you might want to consider changing the passwords to your accounts that you stored in LastPass. It might be tedious, so maybe start with the more important accounts like your banks and then move down the list. Also, you might also want to consider setting up 2FA where possible which will make it harder for hackers to get in.