In an extensive investigation carried out by a German security firm, Exodus, the popular password manager app LastPass was found to collect and send personal information of subscribers using the Android app. It does so with the help of seven different built-in trackers.
Even though LastPass allows you to opt-out of those trackers, the very existence of the built-in software could pose a security risk for the users. The trackers collect data such as device information, mobile operator, the type of LastPass account and the Google Advertising ID used to connect user data across other apps and platforms.
Four of those trackers are for Google analytics and crash reports while the rest are serving info to AppsFlyer, MixPanel and Segment with the latter specializing in user profiling and targeting ads.
LastPass’ spokesperson says that all of the trackers serve to improve the user experience and promises that they don’t send out sensitive user information. And in case you don’t want those trackers on your phone, you can disable them by heading to the Privacy sub-menu in the app and turn them off.