Dear LastPass User,My suggestion to everyone who read my blog and downloaded LastPass: change your master password. It's easy to do. At the top of your web page you'll find the star symbol that represents LastPass.
On May 3rd, we discovered suspicious network activity on the LastPass internal network. After investigating, we determined that it was possible that a limited amount of data was accessed. All LastPass accounts were quickly locked down, preventing access from unknown locations. We then announced our findings and course of action on our blog and spoke with the media.
As you know, LastPass does not have access to your master password or your confidential data. To further secure your account, LastPass now requires you to verify your identity when logging in. You will be prompted to validate your email if you try to log in from a new location. This prompt will continue to appear until you change your master password or indicate that you are comfortable with the strength of your master password.
Please visit https://lastpass.com/status for more information.
The LastPass Team
This is how the LastPass symbol looks on Google:
Click it and this popup will appear:
This company and the others out there like it provide a valuable service, but even companies that spend lots of money and time creating ways to circumvent hackers can sometimes be vulnerable. LastPass got the word out to the press and to the public fairly fast, as soon as the company confirmed that there were problems.
Am I sorry that I told you about password managers? No, I'm not. I will continue to use them because they save me time and effort at individual sites. The bottom line: you do have to be careful to take reasonable action if you hear that a password manager has been hacked.