LastPass 2022 breach enables years of cryptocurrency thefts

Italiano

A 2022 data breach at password manager LastPass has resulted in prolonged cryptocurrency thefts, according to blockchain intelligence firm TRM Labs. The incident involved stolen user vaults that facilitated around $35 million in losses extending into 2025.

The 2022 breach at LastPass, a popular password management service, compromised user vaults containing sensitive information. This data was exploited by cybercriminals, leading to a series of cryptocurrency thefts that persisted for years. Blockchain analysis company TRM Labs has determined that these stolen credentials enabled approximately $35 million in crypto-related losses, with activities continuing through 2025.

TRM Labs' investigation highlights how the breach provided attackers with access to cryptocurrency wallets and exchange accounts. The firm's findings underscore the long-term risks of data breaches in the cybersecurity landscape, where initial compromises can fuel extended criminal operations. No specific details on the number of affected victims or the exact methods of theft were disclosed in the report.

This case serves as a reminder of the vulnerabilities in password storage solutions and the importance of robust security measures in the digital asset space. As cryptocurrency adoption grows, such incidents emphasize the need for ongoing vigilance against credential-based attacks.

Articoli correlati

Illustration of North Korean hackers in a cyber command center stealing a record $2 billion in cryptocurrency from global exchanges like Bybit.
Immagine generata dall'IA

North Korea steals record $2 billion in cryptocurrency in 2025

Riportato dall'IA Immagine generata dall'IA

North Korean hackers stole a record $2.02 billion in cryptocurrency in 2025, according to a new Chainalysis report, surpassing the previous year's haul by 51 percent and bringing their total to $6.75 billion. The thefts, which accounted for 60 percent of the global total of $3.4 billion stolen, were driven by fewer but larger attacks, including a $1.5 billion breach of the Dubai-based Bybit exchange in February. Experts attribute the success to sophisticated tactics like embedding IT workers in crypto firms and impersonating recruiters.

Russian Networks Linked to Laundering of LastPass Breach's $35M in Stolen Crypto

Following the 2022 LastPass data breach, blockchain firm TRM Labs has tied over $35 million in stolen cryptocurrency to Russian cybercriminals, detailing sophisticated laundering via mixers and exchanges persisting into late 2025.

Research uncovers flaws in password managers' zero-knowledge claims

Riportato dall'IA

New research from ETH Zurich and USI Lugano reveals vulnerabilities in popular password managers, challenging their assurances that servers cannot access user vaults. The study analyzed Bitwarden, Dashlane, and LastPass, identifying ways attackers with server control could steal or modify data, particularly when features like account recovery or sharing are enabled. Companies have begun patching the issues while defending their overall security practices.

Tecnologia

Betterment investment platform hit by data breach

Francia

Hackers extort French crypto firm Waltio after stealing user data

Crypto

Chainalysis 2026 Report: $17 Billion in 2025 Crypto Scams Amid Surging AI Fraud and Hacks

Trust Wallet confirms second Shai-Hulud supply-chain attack

Trust Wallet has linked a second Shai-Hulud supply-chain attack to a hack on its Chrome extension, resulting in the theft of about $8.5 million in cryptocurrency. The incident involved a malicious version of the extension that exfiltrated users' sensitive wallet data. The company rolled back the compromised software and committed to reimbursing affected users.

Data breach exposes credit card details of over 5.6 million people

Riportato dall'IA

A significant data breach has compromised the credit card information of more than 5.6 million individuals. The incident involves 700Credit, where data was stolen via a third-party API integration. Details emerged in a recent report on cybersecurity threats.

Hackers steal millions of Pornhub users' data for extortion

Hackers have accessed and stolen personal information from millions of Pornhub users, aiming to use the data for extortion schemes. The incident was highlighted in a WIRED security news roundup.

Scammers target Trezor and Ledger users with fake mail letters

Riportato dall'IA

Threat actors are mailing physical letters impersonating Trezor and Ledger to trick cryptocurrency hardware wallet users into revealing recovery phrases. The letters create urgency by claiming mandatory checks are required to avoid losing wallet access. Victims scanning included QR codes are directed to phishing sites that steal their wallet information.

23 marzo 2026 09:31

Researchers uncover leaked API keys on nearly 10,000 websites

02 marzo 2026 06:16

South Korean police lose $5 million in seized crypto after leaking wallet details

04 febbraio 2026 20:07

Alleged Chinese data breach exposes 8.7 billion records

23 gennaio 2026 02:03

Huge data leak exposes 149 million credentials without protection

21 gennaio 2026 17:17

Attackers hijack Linux Snap Store apps to steal crypto phrases

17 gennaio 2026 01:38

Crypto investor loses $282 million in Trezor wallet scam

08 gennaio 2026 01:31

Wrench Attacks on Crypto Holders: Experts Predict 2026 Surge

04 gennaio 2026 12:16

Wrench attacks on crypto holders rise in frequency and violence

01 gennaio 2026 18:36

Losses from crypto hacks drop 60% in December

24 dicembre 2025 06:19

Crypto heists reach record $2.7 billion in 2025

 

 

 

Questo sito web utilizza i cookie

Utilizziamo i cookie per l'analisi per migliorare il nostro sito. Leggi la nostra politica sulla privacy per ulteriori informazioni.
Rifiuta