According to a recent lawsuit, an anonymous LastPass user is blaming the firm for losing $200,000 in a crypto hack. Specifically, he claims that LastPass didn’t give him notice about a 2022 security breach.
Still, this lack of notice may not have helped the victim. He kept his seed phrase on the platform, allowing the hackers to regenerate his Ethereum wallet and drain it of all funds.
More Crypto Thefts Surface from the Infamous LastPass Hack
The crypto industry has seen a few massive hacks in recent years, but a LastPass data breach has been responsible for several of them.
In late 2022, hackers managed to steal huge troves of user information, leading to $4.4 million being stolen from 25 users the following year. Today, one of them is suing over it.
According to the lawsuit, the hack victim is maintaining his anonymity but seeking personal injury damages from LastPass. Due to this anonymity, there isn’t much identifying information, but he hired a San Diego-based consumer law firm to file the suit in Washington, which is two states over.
The victim alleges that LastPass never informed him about the 2022 hack. He kept his seed phrase on the platform, and hackers quietly stole this information. After that, it would be trivially easy to regenerate his self-custody wallet and drain all funds.
To play devil’s advocate, LastPass’s alleged failure to notify the victim wouldn’t impact the actual hack. Crypto users should never, under any circumstances, put their seed phrase online.
Even if the password protector worked to notify all 25 million victims immediately, a seed phrase can’t be changed after generation.
In other words, even if he was notified immediately, the wallet was irreparable. The victim could have drained the funds himself and relocated them, but only if he acted fast.
Still, regardless of the specific damages, it’s an unfortunate incident. LastPass is still a functional company, even if the hack is causing lingering fallout. It could always reach a settlement to avoid a lengthy legal battle.
The post Another LastPass User Loses $200,000 in Crypto to Hackers appeared first on BeInCrypto.