As you know, it is very important to use a different password for each different site you register on, and to choose complex and unique passwords, especially for your financial transactions: As such, users find it difficult to remember many passwords at the same time, so they choose plugins and applications that keep passwords together, such as Lastpass. However, the application, which suffered a major attack in 2022, burned users’ heads. Here are the details
Millions of dollars lost with stolen data via Lastpass
Following the LastPass attack in 2022, hackers have so far stolen a total of $5.36 million worth of cryptocurrencies using the data they captured. Blockchain expert ZachXBT announced that this latest theft targeted 40 different crypto wallets.
According to ZachXBT, the attackers moved the stolen funds from Ethereum to Bitcoin through various fast exchanges. He also drew attention to the size of the attack and warned LastPass users: ‘If you have stored your crypto keys or seed phrases on LastPass, move your crypto assets immediately.’
During the LastPass attack, hackers captured customer keys, API tokens, multi-factor authentication (MFA) data and encrypted password vaults. Although the password vaults were encrypted, weak, leaked or reused master passwords made it easy for attackers to brute force their way into the vaults.
According to the latest information, cryptocurrency worth $ 4.4 million in 2023, $ 6.2 million in 2024 and $ 35 million in 2022, when the attack took place.
These thefts once again reveal the importance of password security and unique passwords for each account. Experts recommend using strong passwords as well as biometric verification-supported authentication applications and never reusing old passwords.
So, what measures do you take to protect your passwords securely? Don’t forget to share your opinions in the comments!