What data was stolen from LastPass users?

Attackers gained access to encrypted password vaults and some personal customer information. However, master passwords remain protected if users followed security best practices.

What should LastPass users do after the breach?

Users are advised to change their master password, enable multi-factor authentication, and monitor account activity. It is also recommended to check all saved passwords for potential compromise.

Why was LastPass targeted in another cyberattack?

The company has faced repeated criticism for insufficient security measures. Despite assurances about data protection, recurring incidents raise concerns about the service’s reliability.

← All news

Security

LastPass Falls Victim to Another User Data Breach

June 27, 2026

Photo: Wired

Quick answer

LastPass confirmed another user data breach, including access to encrypted password vaults. The company is strengthening security measures, but experts advise changing master passwords and enabling multi-factor…

Password manager LastPass has once again experienced a user data breach. The company confirmed that attackers gained access to some information, including encrypted password vaults. This incident is the latest in a series of security issues plaguing the service.

LastPass stated that it is taking steps to enhance security, but cybersecurity experts advise users not to rely solely on the service’s built-in mechanisms. Specifically, they recommend changing the master password and enabling multi-factor authentication to minimize the risk of account compromise.

Despite the company’s assurances about encryption reliability, the incident has raised concerns among customers. Many users are expressing dissatisfaction and considering switching to alternative password management solutions. Experts note that repeated breaches could seriously undermine trust in LastPass.

As part of the incident investigation, LastPass is collaborating with law enforcement and independent cybersecurity experts. The company promises to provide additional details as the circumstances of the attack are clarified.

Common questions

What data was stolen from LastPass users?: Attackers gained access to encrypted password vaults and some personal customer information. However, master passwords remain protected if users followed security best practices.
What should LastPass users do after the breach?: Users are advised to change their master password, enable multi-factor authentication, and monitor account activity. It is also recommended to check all saved passwords for potential compromise.
Why was LastPass targeted in another cyberattack?: The company has faced repeated criticism for insufficient security measures. Despite assurances about data protection, recurring incidents raise concerns about the service’s reliability.

Dzen feed: /feed/dzen.xml · RSS: /feed.xml