LastPass security breach reportedly linked to a string of crypto heists. Reports claim that since the December 2022 breach of LastPass, $35 million has so far been stolen.
LastPass Security Breach
Cryptocurrency heists all amounting to six figures have reportedly been taking place every month since the latter parts of last year, and experts are now tying the said action to the December 2022 LastPass breach.
CEO of LastPass Karim Toubba has already disclosed and actioned plans in a bid to reduce the likelihood of attacks taking place in the future, but for some high-net-worth individuals who still had trust in the platform, it could be way too late.
The news in question comes from Taylor Monahan, software cryptocurrency wallet MetaMask’s lead product manager, who in question noted a connection between the victims of both the LastPass breach and then the crypto heists.
Researchers Have Now Identified Clues Dating Back To December 2022
Monahan as well as other researchers have now identified clues all dating back to December 2022 when the said breach took place, thus linking over 150 crypto heist victims to the incident at LastPass. The total value of cryptocurrency that was stolen reportedly stands at over $35 million.
And given just how much money the victims had put aside in cryptocurrency, it is quite unsurprising that Monahan noted their healthy account security. However, that was not quite enough to deter criminals who seem to have gotten their hands on and gotten access to the seed phrases that were used in unlocking accounts, which were reportedly stored in the popular password manager.
The Outcome of the Research
According to the research that was put together by cybersecurity blogger Brian Krebs, between two and five “high-dollar heists” have taken place each month ever since the breach happened.
Krebs also added: “LastPass declined to answer questions about the research highlighted in this story, citing an ongoing law enforcement investigation and pending litigation against the company in response to its 2022 data breach.”
LastPass’s Comment on the Issue
TechRadar Pro gave LastPass the opportunity to comment on the research and the new development, but the company has yet to respond to the request.
What Users Should Do In The Light Of This Development
Those who are concerned about account security should consider setting up additional protective measures such as two-factor authentication, as well as also refraining from storing all account information in one place.
Finally, all Internet users on the other hand should be cautious of phishing scams, and if in doubt, they should revisit the webpage from a genuine URL rather than just going through a link in an email.
MORE RELATED POSTS
- LogMeIn rebrands as GoTo, still plans to spin off LastPass
- Best Netflix Shows – Watch all the Best Netflix Series and Shows on Netflix.com
- Facebook Dating Home for Singles: Facebook Dating App | Dating in Facebook Free
- T-Mobile Reportedly Breached Again
- WhatsApp Data Breach Sees Close to 500 Million User Information Up For Sale