LastPass Warns of Fake Maintenance Messages Targeting Users’ Master Passwords

Published:

21 januari 2026 om 06:40:00

Alert date:

21 januari 2026 om 07:01:25

Source:

thehackernews.com

Identity & Access, Email & Messaging, Security Tools

LastPass is warning users about an active phishing campaign that began around January 19, 2026. The attackers are impersonating LastPass and sending fake maintenance emails to trick users into revealing their master passwords. The phishing emails claim there is upcoming maintenance and urgently request users to create a local backup of their password vaults within 24 hours. This is an active threat targeting LastPass users specifically to compromise their master passwords and potentially gain access to all stored credentials.

Technical details

Phishing campaign active since January 19, 2026, impersonating LastPass with fake maintenance emails. Campaign uses false urgency tactics claiming users need to create local backups within 24 hours. Emails redirect users through Amazon S3 staging site (group-content-gen2.s3.eu-west-3.amazonaws.com/5yaVgx51ZzGf) to phishing domain mail-lastpass.com to steal master passwords.

Mitigation steps:

Be aware that LastPass will never ask for master passwords or demand immediate action under tight deadlines. Stay vigilant and report suspicious activity. LastPass is working with third-party partners to take down malicious infrastructure.

Affected products:

LastPass password manager