LastPass revealed right before Christmas that hackers had accessed users’ password vaults following breaches in August and November.
One security researcher, Wladimir Palant, blasted LastPass’s December 22 statement for its “omissions, half-truths and outright lies,” while another researcher, Jeremi Gosney, recommended moving to another password manager. LastPass maintains that users’ login information is still secure.