LastPass Breach Victims Keep Suffering as Hackers Keep Stealing Even Today

By Leakd.com Authors

April 10, 2025

lastpass breach featured — The visualization of dust transactions, showing a complex network of transfers. Source: @tayvano_

Despite security experts urging users of the hacked popular password manager LastPass to take their security seriously for years now, criminals keep stealing funds even today—more than two years after the breach.

Taylor Monahan, a security expert at the most popular Ethereum (ETH) wallet, MetaMask, said that today, the address 0x1f792d9cd7e742a4880d699150e7bf07ccd00413 "collected dust from at least 1,345 distinct addresses on at least 7 different" blockchains. "Dust" refers to relatively small amounts of a cryptoasset. Looking at the recent deposits to the mentioned address, they range from around 0.0001 ETH to 0.63 ETH ($0.16–1,000). Collecting dust can also be used in an attempt to make blockchain analysts work harder to trace all the transactions.

lastpass breach transactions — Some of the recent transactions to the address flagged by Taylor Monahan. Source: etherscan.io

Meanwhile, Monahan also said she has already spoken to the owners of 95 of those addresses.

"Even though it's less than 10% of the addresses that showed up today, 95 people is A LOT of people. And I can tell you about all of them. [Because] I have traced and retraced their thefts. I have alerts on their addresses. I have talked to them at length. I know their names," the security expert said, noting that those 95 victims lost $50 million.

"When combined with the other thefts that are directly connected to their thefts, the total amount stolen is now well over $430 million," she added, emphasizing that that number does not include the other addresses that were swept to 0x1f792d9cd7e742a4880d699150e7bf07ccd00413 today.

According to Monahan, all 95 people have one thing in common—they all used LastPass, while "the vast majority" of them were able to confirm that the specific private keys that had funds stolen from them were stored in LastPass.

The password manager previously confirmed that on August 12, 2022, it suffered a breach that allowed hackers to steal vault data, backups, secure notes, and decryption keys.

This breach allowed hackers to steal cryptoassets even from high-profile crypto players, such as Chris Larsen, the co-founder of blockchain company Ripple, who lost around $113 million worth of the XRP token.

Meanwhile, Monahan keeps urging victims of the hackers to speak up.

"If you are the owner of one of the 1,345+ addresses that was swept to 0x1f792...0413 today, speak up. ESPECIALLY if you have NEVER been a LastPass user," she said, once again urging everyone to replace their "old secrets with new, secure ones."

That includes private keys, secret recovery phrases, SSH keys, API keys, "anything crazy critical," and "anything 3+ years old."

"Even if you never used LastPass. And especially if you did," Monahan concluded.