June 25, 2026
Password drama never logs out
LastPass notifies users of yet another data breach
LastPass says your password vault is safe, but users are asking why this keeps happening
TLDR: LastPass says this new breach came through an outside partner and did not expose password vaults, but customer contact and support details were accessed. Online, the mood is brutal: users are mocking the repeat incidents and arguing over whether password managers are safety tools or one big point of failure.
LastPass is back in the spotlight again, and the internet is reacting like it just saw the plot twist coming from miles away. The company says this latest mess did not crack open people’s password vaults, but hackers reportedly got customer contact details and support case info through outside partner Klue. In plain English: names, phone numbers, emails, addresses, and customer support history may have been exposed, and LastPass is now warning users to watch out for scam emails and social engineering tricks.
But in the comments, the real headline is basically: how many chances does one company get? One user dropped the dry zinger, “Third time’s the charm,” which pretty much set the mood. Another bluntly summed up the trust crisis with, “How does anyone seriously trust LastPass anymore?” That’s the drama here: even though LastPass insists the password vault itself wasn’t touched this time, many users seem exhausted by the repeat appearances of the brand in breach news.
The hottest debate wasn’t just about LastPass, but about password managers in general. One camp argued these tools swap lots of little risks for one giant risk if the manager gets hit. The other side, hilariously, responded with chaos energy: just forget most passwords and hit “forgot my password” every time. And then came the sharpest joke of all: a company meant to protect your data got burned because it shared some of that data with someone else. Ouch.
Key Points
- •LastPass said a breach at third-party vendor Klue exposed customer information and support case data tied to LastPass.
- •The company said the accessed data included names, phone numbers, email addresses, physical addresses, support case data, and sales-related CRM data.
- •LastPass stated that password vaults were not affected by this incident.
- •In response, LastPass said it revoked employee access to Klue, rotated exposed API tokens, notified law enforcement, and began an investigation with Klue and Salesforce.
- •The article notes this incident follows earlier LastPass security breaches in 2015 and 2022, including one that exposed encrypted password vaults and customer records.