We’ve built a tool to help you check if your email address was on the list of affected accounts: https://lastpass.com/adobe/
About a month ago, the software company Adobe had a big data breach said to have affected some 3 million users. News then circulated that 38 million users were affected – but wait, the problem gets worse. The data dump that was recently published online has been shown to contain 150 million breached records.
We’ve also learned that significantly more data was stolen than first thought, including emails, encrypted passwords, password hints, names, credit card numbers, and card expiration dates.
In addition to using our tool above to check your email, we are strongly encouraging our users to take additional action steps now to protect themselves from the breach:
1. Run the LastPass Security Check. In the LastPass Icon’s Tools menu, run the Security Check to see if you were using the Adobe password for any other accounts.
2. Change your Adobe password. Login to your Adobe account and update your password: https://www.adobe.com/go/passwordreset and use LastPass to generate a new one.
3. Update the passwords for any other accounts that used the same password.
4. Share the LastPass tool. Help friends, family, and coworkers check if their accounts were affected, and show them how they can follow these steps to better protect themselves.
Since credit cards were affected, you may also want to consider signing up for free credit monitoring alerts like the ones LastPass provides. If any unusual activity is detected, you can take action immediately and mitigate the damage.
For a full analysis of the Adobe data dump, check out Paul Ducklin’s article on the Sophos NakedSecurity blog. We’ll be keeping an eye on how this story continues to develop, but most importantly we want LastPass users to continue being proactive in protecting their sensitive information, and their identities online. If you’re new to secure password management, get started today by downloading LastPass, creating a free account, and updating your passwords to secure, generated ones.