Federal agents confirm LastPass breach linked to massive cryptocurrency heists

What just happened? In a court filing earlier this month, U.S. federal agents confirmed that a series of high-profile cyberheists, including a $150 million cryptocurrency theft, are linked to the 2022 breach of password manager service LastPass. The heists involved cracking master passwords stolen from LastPass, which allowed thieves to access sensitive information, including cryptocurrency seed phrases stored in the "Secure Notes" section of victims' accounts, according to KrebsonSecurity, which has been tracking these incidents since September 2023. The $150 million heist, which occurred on January 30, 2024, is believed to have targeted Chris Larsen, co-founder of the cryptocurrency platform Ripple, according to blockchain security researcher ZachXBT. Federal prosecutors in northern California have seized approximately $24 million in cryptocurrencies related to this theft. According to the seizure document, the U.S. Secret Service and the FBI believe the attackers used stolen data ... Read full article.