LastPass - Users reporting being unexpectedly logged out

Incident Report for LastPass

Postmortem

Summary 

LastPass received notifications from a sub-set of customers that they were being logged out while updating to the new extension version if their vault was opened in a separate window. 

 

We reviewed the observability metrics to confirm an above average number of customer logouts. 

 

Rollbacks of the latest extension version were triggered and submitted to the stores that were on the new version. 

  

Date 

Issue Start Time (UTC): 8/29/2025 15:00 UTC

Issue End Time (UTC):  8/30/2025 14:00 UTC 

 

Products Impacted  

extension version 4.146.6 

Chrome 4.146.6 was ramped 20% 

Safari 4.146.6 was ramped 100% 

Edge 4.146.6 was ramped 100% 

 

Root-Cause 

Recent updates to the LP extension aimed at preventing clickjacking vulnerabilities inadvertently introduced a coding issue that affects certain edge cases when opening the SPA vault. As a result, some users experienced unexpected logout events. 

 

Future Preventative Measures 

There are multiple future mitigations for this planned:

  1. Automated testing will cover the identified edge cases. 
  2. Based on the identified error scenarios, we extended our monitoring capabilities to ensure earlier detection. 

 

Related issues 

N/A

Posted Sep 23, 2025 - 18:03 UTC

Resolved

We have confirmed that the issue has been resolved. We will conduct an internal review of this issue to help prevent or minimize future recurrence and release an RCA in the following week.
Posted Sep 05, 2025 - 15:00 UTC

Update

We will continue monitoring this issue through the weekend and release an RCA in the following week.
Posted Aug 30, 2025 - 13:15 UTC

Monitoring

We have confirmed that the issue has been resolved in Chrome and are preparing the rollback of the release on all supported browser extensions. We will continue monitoring this issue through the weekend and release an RCA in the following week.
Posted Aug 29, 2025 - 23:35 UTC

Identified

Our engineers have identified the issue and are now actively working towards a resolution. We will provide another update shortly.
Posted Aug 29, 2025 - 22:09 UTC

Investigating

We are actively investigating reports that some users are unexpectedly being logged out of the Chrome extension. Our engineers are working to identify the issue and will provide another update shortly.
Posted Aug 29, 2025 - 21:16 UTC
This incident affected: Login (Other) and Vault.
Current Status Powered by Atlassian Statuspage