Aug. 26, 2022
January 5, 2023 Update
The Information Security Office is recommending LastPass Enterprise and Premium users take extra password precautions.
On August 25, 2022, LastPass announced a security incident; however, there is no evidence that it involved any access to customer data or encrypted vaults. LastPass advised that the breach was in their development environment and that some code and other proprietary technical information was exfiltrated.
To our knowledge, no passwords, password hashes, or other user data was collected. Considering the circumstances of this incident, the Information Security Office does not feel that any action needs to be taken at this time (e.g., changing your master password).