LastPass warns users of possible password breach
After detecting a "traffic anomaly" on one of its database servers, LastPass, an online password management provider, required all of its users to change their master passwords.
The security notification followed irregular network activity found in the logs of one of its non-critical systems on Tuesday morning.
In a blog post published on Wednesday, the company wrote, "After delving into the anomaly we found a similar but smaller matching traffic anomaly from one of our databases in the opposite direction (more traffic was sent from the database compared to what was received on the server)."
Because it has been unable to account for the anomaly, the company is assuming that its database was compromised. "The amount of data that was transferred out of its system is big enough to have contained people's email addresses, their salted password hashes and the server salt," LastPass added.
Salting is a technique that makes stolen password hashes harder to misuse: a randomly generated value, the salt, is combined with the password before it is hashed, so identical passwords do not produce identical hashes and precomputed hash tables cannot be reused across accounts.
LastPass noted, "We also know that the amount of data taken isn't remotely enough to have pulled many users' encrypted data blobs."
LastPass assured users that the possible compromise is unlikely to harm anyone with a "strong, non-dictionary-based master password or pass phrase". The company required the password change only because an attacker holding the stolen hashes and salts could try every available method to guess weaker master passwords.
The incident prompted the company to implement stronger authentication procedures. It is also rebuilding the servers that were compromised, and all source code underlying the website has been verified against the original repository to ensure it was not tampered with.