LastPass Not Hacked, Phishing Email Used To Target Customers

LastPass, a leading password management service, has confirmed that it was not hacked despite recent phishing emails targeting its customers. The company clarified that no breach of its systems occurred and that the phishing attempts were designed to deceive users into revealing their credentials. This incident highlights the ongoing threat of phishing attacks in the cybersecurity landscape, emphasizing the need for vigilance among users and organizations alike. Phishing remains one of the most prevalent cyber threats, often exploiting brand trust to trick victims. In this case, attackers sent emails impersonating LastPass, urging recipients to take urgent action, which could lead to credential theft or unauthorized access. LastPass's swift response and communication helped mitigate potential damage and reassured customers of their data's safety. Security experts recommend users always verify the authenticity of emails, avoid clicking on suspicious links, and enable multi-factor authentication (MFA) wherever possible. Organizations should also invest in employee training and advanced email filtering solutions to reduce phishing risks. This event serves as a reminder that even trusted brands can be impersonated by cybercriminals, and continuous awareness and proactive security measures are essential to protect sensitive information. LastPass's transparency and prompt action set a positive example for incident response in the cybersecurity community.

This Cyber News was published on www.infosecurity-magazine.com. Publication date: Thu, 16 Oct 2025 12:30:11 +0000

Cyber News related to LastPass Not Hacked, Phishing Email Used To Target Customers

LastPass Free vs. Premium: Which Plan Is Right for You? - LastPass is a password manager that integrates with web browsers and other applications to securely save and autofill passwords. LastPass Free comes at no cost and provides features like unlimited password management and dark web monitoring. LastPass ...
1 year ago Techrepublic.com

10 Best Anti-Phishing Tools in 2025 - What is Good?What Could Be Better?Real-time email threat detection and response using AI and machine learning.Limited customer support optionsAutomates incident response to stop phishing attacks quickly.The training module is not entirely ...
4 months ago Cybersecuritynews.com

LastPass now requires 12-character master passwords for better security - LastPass notified customers today that they are now required to use complex master passwords with a minimum of 12 characters to increase their accounts' security. Even though LastPass has repeatedly said that there is a 12-character master password ...
1 year ago Bleepingcomputer.com

LastPass breach linked to theft of $4.4 million in crypto - Hackers have stolen $4.4 million in cryptocurrency on October 25th using private keys and passphrases stored in stolen LastPass databases, according to research by crypto fraud researchers who have been researching similar incidents. The news comes ...
2 years ago Bleepingcomputer.com

LastPass is enforcing some security changes to user accounts - LastPass is making some changes to enhance the security of its to user accounts. The news comes as a follow-up to the company's plans to enforce stronger passwords a few months ago. ADVERTISEMENT. A brief recap of the LastPass security breaches. ...
1 year ago Ghacks.net

Feds Link $150M Cyberheist to 2022 LastPass Hacks – Krebs on Security - In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service ...
9 months ago Krebsonsecurity.com

Timeline of the Latest LastPass Data Breaches - A Complete Overview - LastPass, a popular password management system, has been the target of malicious hackers several times in the last few years. In this article, we’ll take a look at the latest LastPass data breaches and what happened in each incident. ...
2 years ago Csoonline.com

10 Best Email Security Gateways in 2025 - Barracuda Email Security Gateway is a solution that helps protect organizations from email-borne threats such as spam, viruses, phishing, and other malicious content. It uses various methods, including filtering, encryption, and sandboxing, to ...
10 months ago Cybersecuritynews.com

What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
2 years ago Trendmicro.com

The 6 Best Email Security Software & Tools of 2024 - To guarantee full protection against email threats, important features to consider when picking an email security solution include email filtering and spam detection, sandboxing, mobile support, advanced machine learning, and data loss prevention. ...
1 year ago Esecurityplanet.com

Fake LastPass password manager spotted on Apple's App Store - LastPass is warning that a fake copy of its app is being distributed on the Apple App Store, likely used as a phishing app to steal users' credentials. The fake app uses a similar name to the genuine app, a similar icon, and a red-themed interface ...
1 year ago Bleepingcomputer.com

Security Breach at LastPass: Customer Data Taken - A recent security breach has exposed customer data from LastPass, a password manager. LastPass has confirmed that a third party was able to access some of the data, including users’ email addresses, hashed passwords, and other account and profile ...
2 years ago Hackread.com

Spear Phishing vs Phishing: What Are The Main Differences? - Almost half of them used phishing to obtain the passwords of users. Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. It's important to be able to spot phishing in general. For ...
1 year ago Techrepublic.com

Fake app impersonating LastPass spotted in Apple's App Store The Register - LastPass says a rogue application impersonating its popular password manager made it past Apple's gatekeepers and was listed in the iOS App Store for unsuspecting folks to download and install. A screenshot of the fake LastPass app in the Apple App ...
1 year ago Go.theregister.com

LastPass Warns of Fake Repositories Targeting Its Customers - LastPass has issued a critical warning to its customers about the emergence of fake repositories impersonating the official LastPass GitHub repositories. These counterfeit repositories are being used by cybercriminals to distribute malicious code and ...
3 months ago Thehackernews.com

LastPass Not Hacked, Phishing Email Used To Target Customers - LastPass, a leading password management service, has confirmed that it was not hacked despite recent phishing emails targeting its customers. The company clarified that no breach of its systems occurred and that the phishing attempts were designed to ...
2 months ago Infosecurity-magazine.com

LastPass Hikes Password Requirements to 12 Characters - Password-manager purveyor LastPass has announced it's setting new rules about the strength of customer passwords, with a new mandate that account master passwords include a minimum of 12 characters. A Jan. 2 blog post from LastPass senior principal ...
1 year ago Darkreading.com

Combat Phishing Attacks With AI-Powered Threat Protection - According to statistics, 81% of organizations have seen an increase in phishing emails since 2020, with an estimated 3.4 billion emails sent every day. AI-generated phishing emails are a sophisticated and evolving cybersecurity threat. ...
1 year ago Gbhackers.com

Got Now Suffers Security Breach After Acquisition of LastPass - Got Now, the parent company of password vault LastPass, recently suffered a massive security breach, resulting in malicious actors gaining access to LastPass user data. LastPass, a cross-platform password manager which is used as an authentication ...
2 years ago Thehackernews.com

LastPass Enforces 12-Character Master Passwords - Two years after suffering a series of major beaches, LastPass has started implementing stricter password measures for its customers. These include the requirement for all customers to use a master password with at least 12 characters. This measure ...
1 year ago Infosecurity-magazine.com

Flipping the BEC funnel: Phishing in the age of GenAI - For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic email and fire it out to thousands of recipients in the hope that a few might take the bait. Common among these new techniques was a shift towards ...
1 year ago Helpnetsecurity.com

Phishing kits now vet victims in real-time before stealing credentials - Even if they were allowed to use the real target's address, the analysts comment that some campaigns go a step further, sending a validation code or link to the victim's inbox after they enter a valid email on the phishing page. However, with this ...
8 months ago Bleepingcomputer.com

Email Security Trends And Predictions in 2024 - One of the most critical aspects of this broad topic is email security. Email security refers to the collective measures used to secure the access and content of an email account or service. An email service provider implements email security to ...
2 years ago Cybersecuritynews.com

Business Email Compromise Scams: Prevention and Response - We will also highlight red flags to watch out for in suspicious emails, emphasizing the importance of implementing robust email authentication methods and comprehensive employee training programs to enhance awareness and response capabilities. BEC ...
1 year ago Securityzap.com

Beware: PayPal "New Address" feature abused to send phishing emails - The email includes the new address that was allegedly added to your PayPal account, including a message claiming to be a purchase confirmation for a MacBook M4, and to call the enclosed PayPal number if you did not authorize the purchase. The goal of ...
10 months ago Bleepingcomputer.com