Password manager service says customer email addresses and other information compromised
A web service that promises to help people keep their passwords secure has reported hackers may have obtained some user information — although not actual passwords — from its network.
LastPass, which stores multiple passwords in encrypted form, warned Monday that it had detected "suspicious activity" on its own computer system. That led to the discovery that some users' email addresses, password reminders and encryption elements were compromised. The company said its investigation found no evidence that individual passwords or user accounts were breached.
The company is advising users to change their LastPass master passwords, which are used to retrieve encrypted individual passwords for the users' other online services or accounts. But it said they don't need to change individual passwords for all their accounts.