One of the biggest password managers manages to get hacked

Hacker hacking things.
(Image credit: Getty images - boonchai wedmakawand)

LastPass, one of the largest freemium cloud-based password managers with more than 25 million users, has been hacked. The hackers made off with "portions of source code," according to an announcement by the company itself. The good news is that no user information or passwords were at risk. 

In a blog post (via sweclockers), LastPass revealed today that it was exposed to a data breach two weeks ago. The company "detected some unusual activity within portions of the LastPass development environment," which resulted in the theft of proprietary data. A compromised developer account is to blame for the breach. Fingers crossed they weren't using 'password' or '12345' or this is going to get embarrassing for someone.

As far as users' personal information and passwords are concerned, there's no evidence of customer data or account master passwords being accessed, according to LastPass. 

Users' Encrypted vault data also seems to have not been affected. LastPass says the whole incident took place in its "developer environment," which means that it went nowhere near touching any of the encrypted vault data. 

In addition to passwords, LastPass users can also store digital copies of personal records like ID and insurance cards in a vault in the cloud. The premium version of the services gives you access to this vault across multiple devices.

Your next machine

(Image credit: Future)

Best gaming PC: The top pre-built machines from the pros
Best gaming laptop: Perfect notebooks for mobile gaming

"In response to the incident, we have deployed containment and mitigation measures and engaged a leading cybersecurity and forensics firm," wrote Karim Toubba, CEO of LastPass. "While our investigation is ongoing, we have achieved a state of containment, implemented additional enhanced security measures, and see no further evidence of unauthorized activity."

Last year, LastPass suffered a credential stuffing attack, where hackers attempted to access users' cloud-hosted password vaults. In 2015, LastPass told its customers to change their master passwords after a data breach occurred where hackers managed to steal some user data (but no passwords). 

If you're a LastPass user, the company says there's no action you need to take right now. However, LastPass does recommend that you set up authentication via the LastPass Authenticator app and make sure you keep all your devices up to date.

Jorge Jimenez
Hardware writer, Human Pop-Tart

Jorge is a hardware writer from the enchanted lands of New Jersey. When he's not filling the office with the smell of Pop-Tarts, he's reviewing all sorts of gaming hardware, from laptops with the latest mobile GPUs to gaming chairs with built-in back massagers. He's been covering games and tech for over ten years and has written for Dualshockers, WCCFtech, Tom's Guide, and a bunch of other places on the world wide web. 

Read more
Kinzie, in an FBI jacket, uses a computer with the logo of the Third Street Saints on it
Have I Been Pwned adds over 284 million compromised passwords from latest breach
A Path of Exile 2 sorceress casting flaming skulls in a hellish landscape
'We are incredibly sorry': Path of Exile 2 devs apologise for data breach that saw 66 accounts snatched and personal info potentially stolen
Path of Exile 2 early access class key art
Around 66 accounts in Path of Exile 2 were compromised, due to a one-two punch of an old unused Steam account and a backend bug
Mister Fantastic giving a thumbs up
A Marvel Rivals player has uncovered 'one of the most dangerous vulnerabilities a game can have' that'll let cheaters take over your PC and find your passwords
Hacker
$1.5 billion crypto heist could be the biggest yet, more than doubling the previous record, but don't worry: The affected firm says it can take the hit
An image of a fake Bitcoin with a laptop in the background displaying financial data
North Korean hackers are said to have stolen $1,300,000,000 in crypto in 2024, an estimated 61% of the total funds swiped this year
Latest in Hardware
Jensen Huang, co-founder and chief executive officer of Nvidia Corp., speaks while holding the company's new GeForce RTX 50 series graphics cards and a Thor Blackwell robotics processor during the 2025 CES event in Las Vegas, Nevada, US, on Monday, Jan. 6, 2025. Huang announced a raft of new chips, software and services, aiming to stay at the forefront of artificial intelligence computing. Photographer: Bridget Bennett/Bloomberg via Getty Images
Group allegedly trying to smuggle Nvidia Blackwell chips stare down bail set at over $1 million
OpenAI logo displayed on a phone screen and ChatGPT website displayed on a laptop screen are seen in this illustration photo taken in Krakow, Poland on December 5, 2022.
If you don't let us scrape copyrighted content, we will lose out to China says OpenAI as it tries to influence US government
Alienware 27 AW2725Q QD-OLED
Alienware 27 AW2725Q QD-OLED review
Nvidia RTX 5090 Founders Edition graphics card on different backgrounds
AI will be crammed in more of the graphics pipeline as Nvidia and Microsoft are bringing AI shading to a DirectX preview next month
Nvidia RTX 50-series graphics cards alongside an RTX 4090
Nvidia says it's sold twice as many RTX 50-series cards as RTX 40-series in the first 5 weeks. I'd bloody well hope so given there was essentially just the RTX 4090 for competition
AMD Radeon RX 9070/9070 XT graphics cards with artistic renders of reference design cards circled
Looks like a reference design AMD RX 9070 XT card has shown up in China, but let's not get carried away with thoughts of MBA cards just yet
Latest in News
Kingdom Come: Deliverance 2 image - Henry riding a pink and blue striped horse while holding a fish
Kingdom Come: Deliverance 2 now has Steam Workshop support, and of course one of the first mods lets you adjust the 'jiggle physics'
Still image of Bastion holding a bird, taken from Microsoft's Copilot for Gaming reveal trailer
Microsoft unveils Copilot for Gaming, an AI-powered 'ultimate gaming sidekick' that will let you talk to your console so you don't have to talk to your friends
Erenshor - A player and two simulated MMO party members stand on a plateau in front of a yellow landscape
This RuneScape-looking 'simulated MMORPG' has all the nostalgia without the drama because all the other 'players' are NPCs
Pirate Bay co-founder Carl Lundstrom
Pirate Bay co-founder and far-right politician found dead after plane crash
Sunset in the desert in Hello Sunshine
Hello Sunshine is a desert survival sandbox where you live in the literal shadow of the colossus
Roblox CEO David Baszucki.
'Don't let your kids be on Roblox', Roblox CEO tells parents, before comparing himself to Walt Disney and declaring the platform 'the future of communication'