By: Isha Das
Victims of the LastPass data breach experienced a significant hit with a reported $4.4 million in cryptocurrency drained from about 80 wallets in just one day. An increase from earlier estimates in September, that predicted an overall loss of $35 million since the breach began in 2022. The latest hack, as revealed by the pseudonymous on-chain researcher ZachXBT and MetaMask developer Taylor Monahan, decidedly adds to the cumulative loss.
The twosome were reportedly able to track the movements of funds from the compromised wallets that fell victim on October 25th. Monahan's detailed report on the infamous Chainabuse site confirmed the majority of the victims were substantial LastPass users or had their crypto wallet keys or seeds stored within LastPass.
Previously in August of 2022 and then later in December of the same year, LastPass divulged an attacker had accessed total encrypted customer vault data while decrypting stored user information. Moreover, LastPass cautioned if the cyber assailants managed to correctly guess the account's master password, it could decrypt even more. This breach led to massive theft of around $53,000 in Bitcoin, as was revealed later in a class-action suit filed against LastPass in January.
The victims of this massive cybersecurity breach have been urged to migrate their crypto assets with immediate effect to avoid further losses in the future.