That resulted in the theft of customer data, including encrypted password vaults.  It is recommended that LastPass users take the following steps immediately to protect themselves.

Lastpass breach, what to do

1.  Change your master password in LastPass

2.  Turn on two-factor authentication (2FA or MFA) for as many of your accounts as possible, particularly high-value accounts like your email, financial services, and highly used social media accounts. This way, even if attackers compromise the passwords for the accounts, they can’t actually log in without the one-time code or hardware authentication key you’ve added as the second factor.

3.  Switch to a new password manager.

4.  Change the passwords for all of those sensitive and high-value accounts.  You can add accounts to the new service as you change the passwords.

5.  Finally, change all the remaining passwords stored in your LastPass vault.

For advice on the best password managers, please go to
https://www.cnet.com/tech/services-and-software/best-password-manager/

Password best practices

  1.  Change your passwords regularly
  2.  Use a long password (at least 12 characters) and use a mixture of characters.  Do not use personal information or easy-to-guess passwords.  If using a password manager, allow it to auto-generate passwords for you or alternatively, consider using the first letters of a phrase
  3.  Never use the same password for multiple accounts
  4.  Always use two-factor authentication where possible
  5.  Always have a trusted antivirus program updated and running on all your devices.

Remember that LastPass will never call, email, or text you.  The same goes for Microsoft,  internet providers etc.

For more scam advice, please go to

https://www.citizensadvice.org.uk/consumer/scams/check-if-something-might-be-a-scam/?gclid=CjwKCAiAwc-dBhA7EiwAxPRylDVejR8kA0vohDaRBi-vBkJEPa5zXZPh93sY1jWKHeFBYJbzO4wJTBoCTrAQAvD_BwE