LastPass Security Breach Reportedly Linked to A Atring of Crypto Heists

LastPass security breach reportedly linked to a string of crypto heists. Reports claim that since the December 2022 breach of LastPass, $35 million has so far been stolen.

LastPass Security Breach

LastPass Security Breach

Cryptocurrency heists all amounting to six figures have reportedly been taking place every month since the latter parts of last year, and experts are now tying the said action to the December 2022 LastPass breach.

CEO of LastPass Karim Toubba has already disclosed and actioned plans in a bid to reduce the likelihood of attacks taking place in the future, but for some high-net-worth individuals who still had trust in the platform, it could be way too late.

The news in question comes from Taylor Monahan, software cryptocurrency wallet MetaMask’s lead product manager, who in question noted a connection between the victims of both the LastPass breach and then the crypto heists.

Researchers Have Now Identified Clues Dating Back To December 2022

Monahan as well as other researchers have now identified clues all dating back to December 2022 when the said breach took place, thus linking over 150 crypto heist victims to the incident at LastPass. The total value of cryptocurrency that was stolen reportedly stands at over $35 million.

And given just how much money the victims had put aside in cryptocurrency, it is quite unsurprising that Monahan noted their healthy account security. However, that was not quite enough to deter criminals who seem to have gotten their hands on and gotten access to the seed phrases that were used in unlocking accounts, which were reportedly stored in the popular password manager.

The Outcome of the Research

According to the research that was put together by cybersecurity blogger Brian Krebs, between two and five “high-dollar heists” have taken place each month ever since the breach happened.

Krebs also added: “LastPass declined to answer questions about the research highlighted in this story, citing an ongoing law enforcement investigation and pending litigation against the company in response to its 2022 data breach.”

LastPass’s Comment on the Issue

TechRadar Pro gave LastPass the opportunity to comment on the research and the new development, but the company has yet to respond to the request.

What Users Should Do In The Light Of This Development

Those who are concerned about account security should consider setting up additional protective measures such as two-factor authentication, as well as also refraining from storing all account information in one place.

Finally, all Internet users on the other hand should be cautious of phishing scams, and if in doubt, they should revisit the webpage from a genuine URL rather than just going through a link in an email.



Please enter your comment!
Please enter your name here