TL;DR: Last Pass is broken. All passwords at the time of the breach were taken. They also got internal secrets from a laptop and can now probably throw computational power at anything they want to decrypt.

Switch. Do not use. Change everything you have if you were using it. Treat everything as breached.

  • familiar [he/him]
    ·
    2 years ago

    True but this is like the second or third breach in the last couple years and the obviously aren't meeting the expected standard.

    • groundling20XX [none/use name]
      ·
      2 years ago

      Huge target, large dev team and knowledge of they ever covered up a breach of data access they will be obliterated. They are one of the few companies that actually reports breaches because they want to push liability for these post breach incidents on their customers who may have bad passwords.