Happy new year hacking from LastPass
Apparently, LastPass was hacked.
While the hackers got access to customers Vaults, if you have a strong master password—your Vault should be protected.
But, aside from the Vault, hackers also got access to
…personal information and related metadata, including company names, end-user names, billing addresses, email addresses, telephone numbers, and IP addresses customers used to access LastPass services. The hackers also copied a backup of customer vault data that included unencrypted data such as website URLs and encrypted data fields such as website usernames and passwords, secure notes, and form-filled data.
This is bad. Prepare for a lot of phishing attacks.
Remember: Always use strong password. Always use 2-factor authentication. Always use end-to-end encryption on everything. Never trust cloud providers.