A free service that lets consumers digitally store all their passwords for their various website logins now suspects it was hit by hackers, leaving millions of accounts of all types vulnerable.
Currently, more than 1 million consumers utilize the password manager LastPass, but now the company, fearful that it has been victimized by a targeted hacking scheme, will force its customers to change their master login information, according to a report from The New York Times. Anyone who gained access to a LastPass user’s account would be able to find the unencrypted login data for every site they regularly visit, from email servers and social networks to banking sites.
The service suspects but cannot confirm the attack because of two separate “traffic anomalies” that it could not identify, the report said. One of those included someone “leaving” the company’s database. However, the company will also protect users by ensuring that any attempts to access their personal information are from IP addresses similar to those they’ve used in the past.
Since the extent of the potential breach is unknown, experts recommend that consumers be extra-cautious and change their passwords, especially for sensitive and financial accounts stored with LastPass.
More from Identity Theft 911:
- Government Hack Attacks Show Need for Cyber-Intel Awareness
- Yankees Reputation Takes a Hit as Breach Exposes Sensitive Fan Information
- Don’t Get Pwned By Sony. Your Information May Have Been Stolen – Now What?
A version of this article originally appeared on Identity Theft 911 on May 6, 2011.