LastPass Security Breach


LastPass recently released a statement with more details about a compromise earlier this year in which unknown actors obtained customer cloud storage vaults. University InfoSec has determined that the risk of hackers gaining access to that encrypted data is low for most LastPass users.

As we learn more about how this breach affects the Wharton Community we will update this page.


Impact

Following the notice on 12/22/22 from LastPass regarding its recent security compromise, the University's Information Security team (InfoSec) has determined that the risk of hackers gaining access to that encrypted data is low for most LastPass users. Out of an abundance of caution, we are reaching out to LastPass users with the recommendations listed below. These recommendations reflect current best practice.

Actions Needed

We recommend taking the following steps as soon as possible:

Recommendations

In addition to the Action Items listed above, we recommend that you: 

  • Change all passwords stored in your vault, starting with your most important ones.
  • If you have sensitive data stored in other fields, change that data if applicable.
  • Update the LastPass default iteration setting of 100100. Directions for changing that are here -- 310,000 is now recommended.
  • Remove LastPass entries for services you are no longer using.
  • Be on the lookout for suspicious spam/phishing messages from attackers pretending to be LastPass.
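The iteration recommendation above is about the work factor of the password-based key derivation that turns a master password into a vault key. The following Python example is added here to show why raising it matters; it is not LastPass code and does not reproduce LastPass's exact parameters. It assumes only that the vault key comes from PBKDF2-HMAC-SHA256 whose cost is linear in the iteration count; the password and salt below are constructed sample values.

```python
import hashlib
import time

# Iteration counts cited in the notice above.
OLD_DEFAULT_ITERATIONS = 100_100
RECOMMENDED_ITERATIONS = 310_000


def derive_vault_key(master_password: str, salt: bytes, iterations: int) -> bytes:
    """Derive a 32-byte key with PBKDF2-HMAC-SHA256.

    Assumption: the vault key is derived from the master password with a
    password-based KDF whose work factor is the iteration count. The exact
    salt and parameters a given password manager uses are not part of this page.
    """
    return hashlib.pbkdf2_hmac(
        "sha256", master_password.encode("utf-8"), salt, iterations, dklen=32
    )


def cost_ratio(old_iterations: int, new_iterations: int) -> float:
    """PBKDF2 cost grows linearly with the iteration count, so raising the
    setting multiplies the work needed for every offline guess by this ratio."""
    return new_iterations / old_iterations


def seconds_per_derivation(master_password: str, salt: bytes,
                           iterations: int, rounds: int = 3) -> float:
    """Average wall-clock cost of one derivation on this machine."""
    start = time.perf_counter()
    for _ in range(rounds):
        derive_vault_key(master_password, salt, iterations)
    return (time.perf_counter() - start) / rounds


if __name__ == "__main__":
    # Constructed sample inputs; not a real account or password.
    sample_password = "correct horse battery staple"
    sample_salt = b"user@example.edu"

    old_key = derive_vault_key(sample_password, sample_salt, OLD_DEFAULT_ITERATIONS)
    new_key = derive_vault_key(sample_password, sample_salt, RECOMMENDED_ITERATIONS)
    # A different iteration count yields a different key, so the vault has to be
    # re-encrypted under the new key once the setting is changed.
    assert old_key != new_key

    t_old = seconds_per_derivation(sample_password, sample_salt, OLD_DEFAULT_ITERATIONS)
    t_new = seconds_per_derivation(sample_password, sample_salt, RECOMMENDED_ITERATIONS)
    print(f"{OLD_DEFAULT_ITERATIONS:>8} iterations: {t_old * 1000:.1f} ms per derivation")
    print(f"{RECOMMENDED_ITERATIONS:>8} iterations: {t_new * 1000:.1f} ms per derivation")
    print(f"expected cost ratio {cost_ratio(OLD_DEFAULT_ITERATIONS, RECOMMENDED_ITERATIONS):.2f}x, "
          f"measured {t_new / t_old:.2f}x")
```

Running the script shows the measured per-derivation time rising roughly threefold between the two settings; that same multiplier applies to anyone trying to guess a master password against a stolen vault, which is the point of raising the setting. The iteration count only scales the cost per guess, so it complements, rather than replaces, a long master password.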

Because your email address and the list of sites LastPass stores passwords for may have been accessed, there is an increased risk of phishing attacks impersonating LastPass itself or targeting LastPass users. Please remain alert for these types of attacks. If you are unsure of the legitimacy of any email, please reach out to your support team.

Questions?

If you have questions or comments, please reach out to your Wharton Computing Support Representative.