Millions of people use LastPass to store passwords for all their various accounts. It’s a great idea, because it can be difficult to come up with different, strong passwords, never mind memorizing them for each website you log into. Unfortunately, a zero day vulnerability has been discovered in LastPass’s cloud vault.
A zero day vulnerability is a built-in exploitable weakness unknown to developers that hackers can use to infiltrate a system. In LastPass’s case, this exploit allows hackers access to a user’s account if they simply browse a malicious website. This means the hacker would gain access to all their passwords, and therefore all their online accounts.
It’s likely that LastPass is working to fix the exploit as soon as they can, but in the meantime LastPass users should be on the lookout for any suspicious activity in any of their accounts and update all their passwords after the security hole has been patched.