25 Crypto Users Lose Over $4 Million in LastPass Hack
According to on-chain investigator ZachXBT, around 25 crypto users who were using the popular password manager LastPass lost more than $4 million worth of digital assets on October 25. The investigation revealed that the exploit can be traced back to a breach in December 2022 when LastPass confirmed that hackers had copied a backup of its customer vault data. This included sensitive information such as usernames, passwords, and form-filled data. Since then, malicious actors have been draining wallets belonging to crypto users who may have stored their seed phrases on the platform. Over 150 victims have reported losses of more than $35 million since December.
Newest Exploit Affects 25 Victims, Resulting in $4.4 Million Loss
The most recent exploit affected approximately 80 crypto addresses belonging to the 25 victims. As a result, they lost a total of $4.4 million. It was discovered that most, if not all, of the victims were long-time LastPass users who had stored their keys or seeds on the platform. Security experts are now advising LastPass users on how to mitigate further losses from this event.
Security Experts Offer Advice on Next Steps
Various crypto security experts have provided guidance to LastPass users on how to protect themselves from further losses. One expert advised affected users to file a report with the Internet Crime Complaint Center (IC3) if they haven’t already done so. Another security expert warned that all credentials stored in LastPass prior to the breach should be considered compromised, urging users to prioritize rotating their most valuable and oldest secrets and migrating their assets immediately. LastPass has also advised its users not to reuse their master password on other websites and to change the passwords of websites stored on the platform.
Hot Take: Protect Your Crypto Assets by Safely Storing Seed Phrases
The recent LastPass hack serves as a reminder of the importance of securely storing your seed phrases and private keys for crypto assets. By migrating your assets away from platforms like LastPass and storing them in a secure, offline wallet, you can significantly reduce the risk of losing your funds to malicious actors. Additionally, it is crucial to follow best practices for password security, such as using unique passwords for each website and regularly updating them. Stay vigilant and take proactive measures to safeguard your crypto assets.
By
By
By
By
By
By