According to a forfeiture complaint filed by US authorities on March 6, the theft of $150 million from Chris Larsen, co-founder of Ripple, was linked to a security flaw in the LastPass password manager. The complaint reveals that Larsen’s private keys were stored in LastPass, which suffered a major security breach in 2022. Hackers exploited this vulnerability to access Larsen’s keys and stole XRP tokens worth $150 million at the time of the theft and over $600 million at the current price. Larsen confirmed the incident in January, stating that the hack only affected his personal accounts and did not harm Ripple’s corporate wallets. It is estimated that digital asset losses related to the LastPass security breach have reached at least $250 million by May 2024.
