BanklessTimes
Home News LastPass Toll Grows: $4.4M Stolen in 1 Day

LastPass Toll Grows: $4.4M Stolen in 1 Day

Daniela Kirova
Daniela Kirova
Daniela Kirova
Author:
Daniela Kirova
Writer
Daniela is a writer at Bankless Times, covering the latest news on the cryptocurrency market and blockchain industry. She has over 15 years of experience as a writer, having ghostwritten for several online publications in the financial sector.
October 30th, 2023
  • $4.4M was drained from a total of 80 wallets in just one day
  • Most victims had been longtime users of the software app
  • App users claim they lost bitcoin worth approx. $53,000

In September, blockchain sleuths reported that victims of the LastPass breach, which took place last year, have lost at least $35 million in crypto. In the latest hack, another $4.4 million was stolen, Cointelegraph wrote. This amount was drained from a total of 80 wallets in just one day.

What is LastPass?

LastPass is a popular password management and security tool that helps users store and organize their passwords and other sensitive information. It’s a software application that offers a range of features to enhance online security and streamline the login process. Some of its primary features include password management and generation.

LastPass stores your login credentials for various websites and applications, allowing you to create complex, unique passwords for each account without the need to remember them all.

The attacker stole an employee’s credentials

MetaMask developer Taylor Monahan and blockchain researcher ZachXBT traced at least 80 wallets’ fund movements, the latter tweeted. Monahan added that most victims had been longtime users of the software app.

The app reported that a cybercriminal had used data stolen in an August 2022 data breach. He stole a LastPass employee’s login details and was able to decrypt stored customer data.

Client vault data backup was also stolen

The attacker also stole a backup of encrypted client vault data. If he is able to guess the master password, he can decrypt all of the data.

Attackers seem to have cracked some LastPass customer vaults according to cybersecurity journalist Brian Krebs. A total of 150 customers lost more than $35 million worth of crypto.

The app is facing a lawsuit

The software app is facing a class-action lawsuit from customers, who claim they lost bitcoin worth approx. $53,000 in the August 2022 breach.

On X, ZachXBT warned all LastPass clients who have ever stored a private key or wallet seed in the app to move their digital assets immediately.

Contributors

Daniela Kirova
Writer
Daniela is a writer at Bankless Times, covering the latest news on the cryptocurrency market and blockchain industry. She has over 15 years of experience as a writer, having ghostwritten for several online publications in the financial sector.