Happy new year hacking from LastPass

Apparently, LastPass was hacked.

While the hackers got access to customers Vaults, if you have a strong master password—your Vault should be protected.

But, aside from the Vault, hackers also got access to

…personal information and related metadata, including company names, end-user names, billing addresses, email addresses, telephone numbers, and IP addresses customers used to access LastPass services. The hackers also copied a backup of customer vault data that included unencrypted data such as website URLs and encrypted data fields such as website usernames and passwords, secure notes, and form-filled data.

This is bad. Prepare for a lot of phishing attacks.

Remember: Always use strong password. Always use 2-factor authentication. Always use end-to-end encryption on everything. Never trust cloud providers.

Stay safe.