The impact of the 2022 Last Pass hack appears to be bigger than it initially appeared.
Last year’s hack of Ripple co-founder Chris Larsen's crypto accounts has been linked to the LastPass data breach, according to a complaint filed by U.S. law enforcement.
In 2024, hackers stole over $100 million of Larsen’s personal XRP accounts and reportedly laundered funds through the biggest crypto exchanges, including Binance.
It appears @Ripple was hacked for ~213M XRP ($112.5M)
undefined ZachXBT (@zachxbt) January 31, 2024
Source address
rJNLz3A1qPKfWCtJLPhmMZAfBkutC2Qojm
So far the stolen funds have been laundered through MEXC, Gate, Binance, Kraken, OKX, HTX, HitBTC, etc pic.twitter.com/HKGYsLQeMv
Investigator ZachXBT, who first reported on the hack, now claims that Larsen storing his private keys in Password Manager caused the breach.
The investigator’s findings were based on a legal complaint, which didn’t directly name Larsen but referred to him as “Victim.”
Out of over $100 million stolen, prosecutors were able to freeze $24 million worth of crypto assets. Last week, investigators were allowed to officially seize the funds, according to Krebs on Security.
In December, security researchers of The Security Alliance estimated that crypto losses connected to the Last Pass breach have exceeded $250 million and are growing.
In 2022, LastPass confirmed that an unauthorized party accessed its third-party cloud-based storage service, which was used to store archived backups of its production data.
The company stated that the attacker copied information from a backup containing basic customer account details and metadata, including company names, end-user names, billing addresses, email addresses, phone numbers, and the IP addresses used to access the service.
A backup of customer vault data from the encrypted storage container was also copied.
Your email address will not be published. Required fields are markedmarked