LastPass Warns Users of Active Phishing Campaign Targeting Master Passwords
Breaking NewsCybercrimeHackingHacking NewsInformation Security NewsIT Information SecurityLastPassPhishingPierluigi PaganiniSecurity AffairsSecurity News
LastPass has alerted its users about an active phishing campaign that began around January 19, 2026. Attackers are impersonating the service by sending emails claiming that urgent maintenance is required. These messages urge users to back up their password vaults within 24 hours. The goal of this campaign is to steal the master passwords of LastPass users.