Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
Cryptocurrency hacker takes $4.4 million in a single day as losses increase from LastPass security incident.
At least 25 individuals have allegedly experienced a loss of $4.4 million in cryptocurrency from over 80 wallets due to a data breach in 2022 that affected the password management software LastPass.
In a post on X (formerly Twitter) dated October 27, pseudonymous on-chain analyst ZachXBT mentioned that he and MetaMask developer Taylor Monahan monitored the movement of funds from at least 80 wallets that were compromised on October 25.
“Most, if not all, of the victims are long-term LastPass users and/or confirm having stored their [crypto wallet] keys/seeds in LastPass,” Monahan stated in a related Chainabuse report.
On October 25, 2023 alone, approximately $4.4 million was siphoned from over 25 victims due to the LastPass breach.
It cannot be emphasized enough, if you think you may have ever stored your seed phrase or keys in LastPass, transfer your crypto assets without delay. pic.twitter.com/26HsxrlnCb— ZachXBT (@zachxbt) October 27, 2023
In December 2022, LastPass revealed that an attacker exploited information previously obtained in a breach from August to target a LastPass employee, acquiring their credentials and decrypting stored customer data.
Related Posts
A backup of encrypted customer vault data was also taken, which LastPass cautioned could be decrypted if the attacker successfully guessed the account’s master password through brute force.
Related: Blockchain congestion and transaction queues actually deter ‘nefarious actors’: Study
In a blog post from September, cybersecurity journalist Brian Krebs reported that some LastPass customer vaults appeared to have been breached, resulting in the theft of over $35 million in cryptocurrency from around 150 victims.
In January, LastPass faced a class-action lawsuit from individuals asserting that the August 2022 breach led to the theft of approximately $53,000 in Bitcoin (BTC).
In his most recent post on X, ZachXBT urged anyone who has ever stored a wallet seed or private key in LastPass to “migrate your crypto assets immediately.”
Magazine: Deposit risk: What do crypto exchanges really do with your money?
