Wednesday 1 February 2023
Home / none / LastPass data breach led to $53K in Bitcoin stolen, lawsuit alleges

LastPass data breach led to $53K in Bitcoin stolen, lawsuit alleges

A class action lawsuit has been filed against password management service LastPass following a data breach from Aug. 2022.

The class action was filed with the U.S. district court of Massachusetts on Jan. 3, by an unnamed plaintiff known only as “John Doe” and on behalf of others similarly situated.

It alleges that the data breach of LastPass has resulted in the theft of around $53,000 worth of Bitcoin.

The plaintiff claimed he began accruing BTC in Jul. 2022 and updated his master password to more than 12 characters using a password generator, as recommended by the LastPass “best practices.”

This was done to enable the storage of private keys in the seemingly secure LastPass customer vault.

When news of the data breach broke, the plaintiff deleted his private information from his customer vault. LastPass was hacked in Aug. 2022, with the attacker stealing encrypted passwords and other data, according to a December statement from the company.

Despite the quick action to delete the data, it appeared to be too late for the plaintiff. The lawsuit read:

“However, on or around Thanksgiving weekend of 2022, Plaintiff’s Bitcoin was stolen using the private keys he stored with Defendant [LastPass].”

“The LastPass Data Breach has, through no fault of his own, exposed him to the theft of his Bitcoin and exposed him to continued risk,” it added.

The suit claims that victims have been put at increased substantial risk of future fraud and misuse of their private information, which may take years to manifest, discover, and detect.

LastPass is being accused of negligence, breach of contract, unjust enrichment, and breach of fiduciary duty, however, the figure sought in damages was not specified.

Related:'Third-party incident' impacted Gemini with 5.7 million emails leaked

According to cybersecurity researcher Graham Cluley, the stolen data includes unencrypted information including company names, user names, billing addresses, telephone numbers, email addresses, IP addresses, and website URLs from password vaults.

In December, LastPass admitted that if customers had weak Master Passwords, the attackers may be able to use brute force to guess this password, allowing them to decrypt the vaults.

Original Article

About Jude Savage

Check Also

Solana price rally risks exhaustion after SOL’s 120% pump in two weeks

Solana (SOL) price is up an impressive 60% since the new year, partially boosted by hype surrounding meme cryptocurrency Bonk (BONK). However, the SOL/USD pair now shows signs of exhaustion, raising anticipations that the token may see a short-term correction in the coming days. Solana turns overboughtSolana is one of the best performing cryptocurrencies so far in 2023 after being one of the biggest losers in 2022. On Jan. 9, SOL's price jumped to as high as $19.50, or around 120% gains in a recovery rally after sliding below $8 on Dec. 29, 2022. But the price spik also turned Solana into an overbought asset, per its daily relative strength index (RSI) reading above 70, as shown below. SOL/USD daily price chart. Source: TradingViewTraditional investors typically see an overbought RSI as a potential sell signal, given the indicator has historically coincided with a period of buyer exhaustion. As a result, SOL's price could enter a correction or a sideways consolidation stag..

Leave a Reply

Your email address will not be published. Required fields are marked *