Today, LastPass issued a security notice on their blog explaining that they detected some suspicious activity on their network. They believe that “LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised” but also that the encrypted passwords (the vault) was not accessed.
What does all this really mean? I found the security notice a little vague and I thought that it is worth writing a post about what the breach exactly means and what the attackers can do with the stolen data.
Based on the LastPass notice, attackers have the following:
- Email addresses
- Password reminders
- Server salts
- Authentication hashes
Let’s break it down and see what kind of attacks are possible…