A cloud-based password security site, LastPass suffered a data security breach that compromised the account email addresses, password reminders, server per user salts, and authentication hashes.
LastPass recommended its users to update their weak master passwords as a preventive step.
LastPass servers were even over-loaded and many people were displayed the message: "Oops! Our servers are a bit overloaded right now. Please try your password change again shortly, we will catch up soon."
Source: https://www.zdnet.com/article/lastpass-password-security-site-hacked/
TPRM report: https://scoringcyber.rankiteo.com/company/lastpass
"id": "las1151522",
"linkid": "lastpass",
"type": "Breach",
"date": "07/2015",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Technology',
'name': 'LastPass',
'type': 'Company'}],
'customer_advisories': 'Recommended users to update their weak master '
'passwords',
'data_breach': {'type_of_data_compromised': ['email addresses',
'password reminders',
'server per user salts',
'authentication hashes']},
'description': 'A cloud-based password security site, LastPass suffered a '
'data security breach that compromised the account email '
'addresses, password reminders, server per user salts, and '
'authentication hashes.',
'impact': {'data_compromised': ['email addresses',
'password reminders',
'server per user salts',
'authentication hashes'],
'operational_impact': 'Server overload'},
'response': {'communication_strategy': 'Informed users about the breach and '
'recommended updating passwords',
'remediation_measures': 'Recommended users to update their weak '
'master passwords'},
'title': 'LastPass Data Security Breach',
'type': 'Data Breach'}