LastPass has notified its users that it experienced some “suspicious behavior” on their servers and they believe that “email addresses, password reminders, server per user salts, and authentication hashes were compromised”. They also made clear that “we have found no evidence that encrypted user vault data was taken, nor that LastPass user accounts were accessed”.