What LastPass Knows About You
LastPass operates in the Password Manager space and has built its business around collecting extensive user data. This expose reveals the full scope of LastPass's data collection practices, privacy incidents, and what users can do to protect themselves. Understanding these practices is essential for anyone who uses LastPass's products or services.
Privacy Score
44PoorLower scores indicate more invasive data collection practices
Protect your privacy with WeTalkin
End-to-end encrypted messaging with zero metadata collection.
What Data LastPass Collects
Based on our analysis of LastPass's privacy policies, terms of service, and independent research, here is what they collect about you. Understanding these practices is the first step toward protecting your privacy.
Harvests contact lists and phone books from user devices
Uses cross-device tracking to link user activity across phones, tablets, and computers
Collects biometric data including facial recognition templates
Records voice interactions and retains audio transcripts
Processes camera and photo metadata including GPS coordinates
Collects typing patterns and keyboard usage data
Collects health and fitness data through integrated services
Stores precise location history even when the app is not in use
Privacy Incidents
A record of known privacy incidents, data breaches, and regulatory actions involving LastPass. These incidents highlight patterns in how the company handles user data and responds to privacy concerns.
Encryption backdoor discovered
Independent audit revealed LastPass maintained the ability to access encrypted user communications.
Affected: All users of encrypted features
API vulnerability exposed user data
A public API vulnerability allowed unauthorized parties to scrape personal data from user profiles at scale.
Affected: Users with public profiles
Data breach exposing user records
A security breach resulted in unauthorized access to millions of user accounts, including personal information, email addresses, and hashed passwords.
Affected: Millions of users
What You Can Do
Practical steps you can take right now to protect your privacy and reduce your exposure to LastPass's data collection practices.
Review and restrict LastPass's privacy settings immediately
Request a copy of all data LastPass has collected about you
Use privacy-focused alternatives where possible
Enable all available privacy protections in LastPass's settings
Consider deleting your LastPass account if you no longer need the service
Use a VPN when accessing LastPass's services to limit IP tracking
Take Back Your Privacy
Tired of companies like LastPass profiting from your personal data? Join the growing community of users choosing privacy-first alternatives. Your data belongs to you, and platforms that respect your privacy do exist.
Try WeTalkinRelated Exposes
1Password
Discover exactly what data 1Password collects about you, their privacy track record, and what you can do to protect yourself. Comprehensive privacy analysis.
Dashlane
Discover exactly what data Dashlane collects about you, their privacy track record, and what you can do to protect yourself. Comprehensive privacy analysis.
Your conversations should be yours alone
WeTalkin: End-to-end encrypted messaging with zero metadata collection. No ads. No data harvesting. Just private conversation.
Subscribe to Privacy Newsletter
App returning to stores soon. Join 10,000+ privacy advocates.
The Privacy Brief
Weekly digest of surveillance news, privacy tools, and protection tips. Free.
Ready for real privacy?
Join thousands choosing privacy over surveillance with WeTalkin.
NexusBro helps developers catch bugs and SEO issues before they reach production. Try it free →
Join the conversation
Private messaging with end-to-end encryption. No phone number required.
Get Started FreeReady to Take Back Your Privacy?
WeTalkin is end-to-end encrypted messaging with zero data collection. No phone number required. Your conversations stay yours.
Trusted by 10,000+ privacy advocates. Free to start.