DALLAS –LastPass, an internet company that offers a way to centrally manage passwords, disclosed a data breach in which email addresses, password reminders and encrypted password hashes (digital fingerprint) were accessed.

Authorized shoppers who store information for shopmyexchange.com and MyECP.com accounts through LastPass should change their passwords for these accounts. 

LastPass reports they found no evidence of encrypted data taken or any LastPass user accounts accessed. LastPass believes that the data stored on their servers could not be used to facilitate a large compromise of account passwords.

LastPass advises users to change their master password if it was used as a password at other websites. They also recommend users enable multifactor authentication for added security. Multifactor Authentication protects accounts by requiring two forms of identification (Master Password + another optional form of identification) for access. 

For more information please see the LastPass Security Notice.

— 30 —

The Army & Air Force Exchange Service goes where Soldiers, Airmen and their families go to improve the quality of their lives through goods and services provided. Exchange earnings provide dividends to support military morale, welfare and recreation programs. The Exchange is part of the Department of Defense and is directed by a Board of Directors, responsible to the Secretaries of the Army and Air Force through the Chiefs of Staff.  To find out more about the Exchange history and mission or to view recent press releases please visit our Web site at http://www.aafes.com/about-exchange/public-affairs/press-releases.htm or follow us on Twitter at https://twitter.com/ExchangePAO.

###

This entry was posted on Thursday, June 18th, 2015 at 13:01 and is filed under Press Release. You can follow any responses to this entry through the RSS 2.0 feed.