Hackers Steal $4.4Million From 80 Wallets in 1 day

Hackers Steal $4.4Million From 80 Wallets in 1 day

By Miles

30 Oct 2023 (about 1 year ago)

1 min read

Share:

LastPass data breach triggers a $4.4 million crypto theft from 80 wallets, spotlighting the perils of storing digital asset keys in password vaults.

A 2022 data breach in LastPass, a password storage software, reportedly led to $4.4 million in crypto being stolen from 80 wallets, affecting at least 25 people.

On Oct. 27, on-chain researcher ZachXBT and MetaMask developer Taylor Monahan traced the fund movements of 80 affected wallets from Oct. 25. Monahan, in a Chainabuse report, pointed out that most victims were long-term LastPass users who stored their crypto wallet keys/seeds in LastPass.

LastPass, in December 2022, revealed that an attacker, using information from an August breach, targeted a LastPass employee, gaining access to and decrypting customer data. Encrypted customer vault data was also taken, which could be decrypted with a brute-force attack on the account’s master password.

Cybersecurity journalist Brian Krebs reported in September that some LastPass vaults had been cracked, with over $35 million in crypto stolen from around 150 victims. By January, a class-action suit was filed against LastPass, relating to a theft of around $53,000 worth of Bitcoin from the August breach.

ZachXBT, in a recent post, strongly advised anyone who stored wallet seeds or private keys in LastPass to “migrate your crypto assets immediately.”

Share:
Go back to All News
Previous article

Thailand KBANK Buys Local Crypto ...

Thailand KBANK Buys Local Crypto Exchange
Next article

CME To Replace Binance as ...

CME To Replace Binance as the Largest Bitcoin Futures Exchange