Federal prosecutors in northern California have seized approximately $24 million in cryptocurrencies related to this theft.
The breach of LastPass in 2022 involved two significant incidents.
Many victims had chosen master passwords with relatively low complexity and were among LastPass’s oldest customers.
The more iterations, the longer it takes an offline attacker to crack the master password.
However, researchers found that many older customers were not upgraded to these newer security standards.
Despite these findings, LastPass maintains no definitive proof linking the cyberheists to their breaches.
The company says it has been cooperating with law enforcement and investing in enhanced security measures.
They argue that more proactive measures could have prevented millions of dollars in thefts.
However, the continued thefts show how much more needs to be done.
The situation remains critical, with recent reports of additional thefts in December.
