A 2022 data breach at password manager LastPass has resulted in prolonged cryptocurrency thefts, according to blockchain intelligence firm TRM Labs. The incident involved stolen user vaults that facilitated around $35 million in losses extending into 2025.
The 2022 breach at LastPass, a popular password management service, compromised user vaults containing sensitive information. This data was exploited by cybercriminals, leading to a series of cryptocurrency thefts that persisted for years. Blockchain analysis company TRM Labs has determined that these stolen credentials enabled approximately $35 million in crypto-related losses, with activities continuing through 2025.
TRM Labs' investigation highlights how the breach provided attackers with access to cryptocurrency wallets and exchange accounts. The firm's findings underscore the long-term risks of data breaches in the cybersecurity landscape, where initial compromises can fuel extended criminal operations. No specific details on the number of affected victims or the exact methods of theft were disclosed in the report.
This case serves as a reminder of the vulnerabilities in password storage solutions and the importance of robust security measures in the digital asset space. As cryptocurrency adoption grows, such incidents emphasize the need for ongoing vigilance against credential-based attacks.
