Hi, I've recently had a nightmare where both my Gmail and LastPass accounts were hacked and now I'm wondering whether I should delete both accounts and not use them again?
I'm not sure which was hacked first but I woke up one morning to find notifications on my phone from Gmail and LastPass saying my passwords had been changed and someone was attempting access. I then went to my PC to log into my Gmail and found I couldn't get in as the password had been changed. More worryingly though, I couldn't log into my LastPass account as both the master password and my email address had been changed. This gave the hacker complete access to every site and service I used and my banking and card details.
I have managed to get back into my Gmail account now but my LastPass is still not working due to the email address change and it's showing me as an unknown user. Luckily I had gone to the bank and put a stop on my card (found that someone had made some purchases already on my card but those were cancelled and the money refunded) and they have sent out a new card to me. I've also had to order a new sim card for my mobile as the hacker also has my mobile number and so I want to change it.
I couldn't get any help from LastPass other than articles on their site suggesting I try to revert or reset my master password or if my email address has been compromised, to set up a new account and start to change all my passwords for the sites I use (which I had done anyway regardless of using LastPass). I have opened a support ticket with them but they've been very slow to respond and haven't offered any help other than links to those articles I mentioned.
I don't understand why they didn't block access to the account straight away seeing as the person trying to gain access was from a completely different country (or supposedly so, he was using IPVanish) and had a different IP address than mine. Instead they just sent notifications to me overnight while I was in bed and left it up to me to sort out, meanwhile granting access to the hacker to be able to change my password and email address.
Anyway, I don't think I'll be using LastPass again and wondered if I should close my Gmail account as well? I have set up a new email account and changed all my passwords for everything and used much stronger passwords but I don't feel comfortable trusting LastPass or any password manager to keep my passwords and banking details safe anymore.
I did some anti virus and anti malware scans btw and they showed nothing on my computer. I use Windows Defender and Malwarebytes Premium and they have real-time protection and I have never had any problems before so I'm not sure how the hacker was able to get my information. Perhaps there was a site leak someone that exposed my email address and password?
Any advice on this would be much appreciated.
I'm not sure which was hacked first but I woke up one morning to find notifications on my phone from Gmail and LastPass saying my passwords had been changed and someone was attempting access. I then went to my PC to log into my Gmail and found I couldn't get in as the password had been changed. More worryingly though, I couldn't log into my LastPass account as both the master password and my email address had been changed. This gave the hacker complete access to every site and service I used and my banking and card details.
I have managed to get back into my Gmail account now but my LastPass is still not working due to the email address change and it's showing me as an unknown user. Luckily I had gone to the bank and put a stop on my card (found that someone had made some purchases already on my card but those were cancelled and the money refunded) and they have sent out a new card to me. I've also had to order a new sim card for my mobile as the hacker also has my mobile number and so I want to change it.
I couldn't get any help from LastPass other than articles on their site suggesting I try to revert or reset my master password or if my email address has been compromised, to set up a new account and start to change all my passwords for the sites I use (which I had done anyway regardless of using LastPass). I have opened a support ticket with them but they've been very slow to respond and haven't offered any help other than links to those articles I mentioned.
I don't understand why they didn't block access to the account straight away seeing as the person trying to gain access was from a completely different country (or supposedly so, he was using IPVanish) and had a different IP address than mine. Instead they just sent notifications to me overnight while I was in bed and left it up to me to sort out, meanwhile granting access to the hacker to be able to change my password and email address.
Anyway, I don't think I'll be using LastPass again and wondered if I should close my Gmail account as well? I have set up a new email account and changed all my passwords for everything and used much stronger passwords but I don't feel comfortable trusting LastPass or any password manager to keep my passwords and banking details safe anymore.
I did some anti virus and anti malware scans btw and they showed nothing on my computer. I use Windows Defender and Malwarebytes Premium and they have real-time protection and I have never had any problems before so I'm not sure how the hacker was able to get my information. Perhaps there was a site leak someone that exposed my email address and password?
Any advice on this would be much appreciated.