LastPass is one of the most popular password managers in the world and is used by millions of users. However, the service is not completely sensitive to cyber attacks, something that could have happened recently.
In accordance with AppleInsider, several users of this service have received an alert message indicating that their master password has been compromised.
It is unknown how the passwords were leaked, but according to the report most of the reports come from users with outdated LastPass accounts, meaning that they have not accessed the service and changed their password for a long time.
LastPass has responded to the news and told The Verge Nikolett Bacso-Albaum, a spokesman for the company, the password manager ensures that it has never been compromised and that no criminal has been able to access the accounts of its users.
An attack known as Credential Stuffing
According to the spokesperson, the alerts users received were related to a fairly common activity linked to bots. These bots made some malicious attempts to log into LastPass accounts using email addresses and passwords obtained from third-party services.
This type of attack, known as Credential Stuffing, takes advantage of vulnerabilities in apps and websites to steal passwords and credentials from their databases.
Although LastPass ensures that there has been no attack or data breach, it is recommended that, if you have an account on the service, you change your password now and from time to time.