$150 Million XRP Theft Linked to LastPass Security Breach

A theft of $150 million targeting Ripple co-founder Chris Larsen has been linked to security issues with LastPass, according to a forfeiture complaint by U.S. law enforcement.

Larsen's private keys were stored in LastPass, which experienced a major breach in 2022.
Hackers compromised a developer account, accessing source code and customer password vaults for approximately 25 million users.
Weak master passwords allowed hackers to brute-force access to encrypted vaults.
The vulnerability led to the theft of XRP valued at $150 million at the time, now worth over $600 million.
Larsen confirmed the hack affected only personal accounts, not Ripple’s corporate wallets.
The Security Alliance estimated crypto losses from the LastPass breach reached at least $250 million by May 2024.