Feds Suspect LastPass Hackers Stole $150 Million In Crypto From One Person

Forbes - Mar 7th, 2025

Three years after the LastPass breaches in 2022, hackers are now reaping the benefits of their cyber thefts. According to newly unsealed court records, federal investigators attribute the loss of 283,326,127 XRP cryptocurrency, now valued at $716 million, to the same attackers. The funds were initially worth $150 million when stolen in early 2024. An anonymous victim from San Francisco, who believed they had safeguarded their crypto assets, found themselves among the breach’s casualties. Despite having destroyed physical documentation and using a strong master password, the victim's LastPass account was compromised, leading to the massive financial loss.

The significance of this event extends beyond the individual victim, highlighting vulnerabilities in online password managers and the potential implications for digital currency security. The U.S. Secret Service and FBI are tracing the stolen funds through various global exchanges, suspecting multiple actors, including Russian and Latvian residents. Although no suspects are named yet, the investigation is ongoing, with potential further seizures. This incident follows a series of high-profile crypto thefts, including a $1.5 billion heist from ByBit, allegedly involving North Korean hackers, emphasizing the growing threat in the digital currency domain.

Cybersecurity North Korea Fbi Investigation President Trump Last Pass Breach Cryptocurrency Theft U.S. Secret Service Xrp Cryptocurrency Russian And Latvian Suspects

Story submitted by Fairstory

RATING

6.2

Moderately Fair

Read with skepticism

The article provides a compelling narrative about the LastPass breaches and the subsequent theft of cryptocurrency, with a focus on the ongoing investigation. It effectively highlights the potential vulnerabilities in online security systems and raises awareness of critical issues affecting cybersecurity and financial security. However, the article could benefit from more diverse perspectives, expert insights, and transparency regarding sources and methods used in the reporting.

While the article is timely and addresses topics of significant public interest, its impact could be enhanced by including recommendations for improving security practices and exploring the broader implications of the breaches. Overall, the article offers valuable information but could be strengthened by providing a more comprehensive and balanced view of the situation.

Accuracy

The article claims that LastPass was breached twice in 2022, which aligns with documented reports of the breaches. It accurately states that the breaches involved access to sensitive information, including customer data. The story also highlights the theft of cryptocurrency, valued at $150 million at the time, which is now purportedly worth $716 million. This claim is plausible given the fluctuations in cryptocurrency markets, but the exact valuation would need verification due to the volatile nature of such assets.

The article suggests that the theft involved multiple malicious actors and was linked to the LastPass breaches. While investigators believe this to be the case, the absence of named suspects indicates a need for further evidence to substantiate these claims. Additionally, the tracing of funds to accounts owned by Russian and Latvian residents is mentioned, but the direct involvement of these individuals remains unverified. Overall, while the article presents a compelling narrative, some claims require further substantiation to ensure full accuracy.

Balance

The article primarily focuses on the perspective of the victim and the investigation by federal authorities. It provides a detailed account of the theft and the subsequent tracing of funds, but it lacks input from LastPass or cybersecurity experts who could offer insights into the breach and the security measures in place.

The absence of these perspectives creates a somewhat imbalanced view, as it does not explore the broader implications of the breaches on LastPass users or the company's response to the incidents. Including these perspectives would provide a more comprehensive understanding of the situation and help readers grasp the full scope of the issue.

Clarity

The article is generally clear and well-structured, with a logical flow of information. It effectively outlines the sequence of events, from the LastPass breaches to the current investigation into the cryptocurrency theft.

The language is straightforward and accessible, making it easy for readers to understand the key points. However, the article could benefit from more detailed explanations of technical terms and concepts, such as the process of tracing cryptocurrency transactions, to enhance reader comprehension.

Source quality

The article cites federal investigators and court records as sources, which are generally reliable and authoritative. However, it does not provide direct quotes or detailed information from these sources, which limits the depth of the reporting.

Additionally, the article does not mention any cybersecurity experts or analysts who could provide additional context or validation of the claims made. The reliance on unnamed sources, such as the victim and their colleague, also raises questions about the credibility and potential bias of the information presented.

Transparency

The article lacks transparency in several areas, particularly regarding the sources of its information. While it mentions federal investigators and court records, it does not provide direct access to these documents or specify the methodology used to trace the stolen funds.

Moreover, the article does not disclose any potential conflicts of interest or biases that might influence the reporting. Providing more detailed information on the sources and methods used would enhance the transparency and credibility of the story.