Hacker News new | past | comments | ask | show | jobs | submit login

This just happened to me today, but login location was Bangkok. I also haven’t used my lastpass account in almost 2 years since I switched to Bitwarden, so no way this could have stolen from my computer recently



I too moved to bitwarden a year or so ago. Kept my lastpass account around just in case. This post inspired me to finally delete it for good.


Exact same here. Made the jump around a year ago and this post made me realize the lastpass was still a liability so just deleted it.


Same thing for me, havent used my account for years, has strong password and I just got an email that someone from Paris tried to login but was blocked.


!!! This makes 6 of us in this thread...

It's improbable that we were all phished years ago by the same group...

Was the LastPass extension hacked years ago (as mentioned in https://news.ycombinator.com/item?id=29707325 ) and all of our master passwords were leaked/stolen, and someone just attempted to use them?


Same thing for me as well.


Can you please post more information?

Was this an old LastPass account? You didn't use this master password elsewhere, etc.?

Thanks!


Old LastPass account with a random string as the password, definitely not used anywhere else


And you received the same "Someone just used your master password to try to log in to your account from a device or location we didn't recognize" email?

Someone is tracking IP addresses now in the thread -- would you mind sharing what was your attacker's IP?


154.201.46.49


Thanks!




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: