- Chris Larsen lost $150M after a LastPass security breach in 2022.
- Stolen XRP moved to exchanges; law enforcement froze portions.
- Larsen clarifies the hack only affected personal XRP accounts.
Chris Larsen, the co-founder of Ripple, lost approximately $150 million worth of crypto in January 2024. The theft occurred after his private keys were compromised due to a breach of LastPass, a popular password management system. Internet security expert ZachXBT confirmed the link between the hack and the 2022 LastPass breach.
Ripple’s Larsen Loses $150M in LastPass Hack
In a forfeiture complaint filed by U.S. law enforcement, it was revealed that Larsen had stored his private keys in LastPass. This led to unauthorized access to his personal XRP accounts in early 2024. Although Larsen confirmed the incident, he did not initially disclose the cause of the theft.
ZachXBT had earlier reported that over 213 million XRP, valued at $112.5 million, had been stolen. The stolen funds were quickly moved to multiple crypto exchanges, including Binance, Kraken, and OKX. Law enforcement intervened shortly after the theft, as some exchanges froze portions of the stolen funds.
Larsen clarified that the hack affected only his personal accounts, not Ripple’s corporate wallets. However, the attackers managed to launder and convert much of the stolen XRP before it could be seized. However, a large portion remains unaccounted for despite efforts to track and recover the stolen funds.
The LastPass breach, which occurred in 2022, exposed sensitive data such as customer keys, API tokens, and MFA seeds. Attackers used this data to access and steal crypto assets from multiple individuals. The stolen funds were later converted to other cryptocurrencies like Ethereum and Bitcoin.
ZachXBT has been actively monitoring these incidents and tracking the stolen funds. In December 2023, he reported that attackers associated with the LastPass breach had stolen over $5 million from various victims. In January 2024, the total losses related to the breach had reached approximately $250 million.
Security of Crypto Wallets
Many individuals like Larsen now consider the safety of using password management systems following the breach. Larsen’s loss highlights the risks of storing private keys and sensitive data on centralized platforms. However, experts still believe that such tools may still be safer than managing passwords manually.
Furthermore, ZachXBT highlighted that XRP addresses linked to Larsen still hold huge amounts of XRP. Larsen’s addresses are believed to contain over 2.7 billion XRP, worth more than $7 billion. These addresses have remained inactive for several years, raising questions whether Larsen has lost access to them.
The Ripple co-founder’s breach serves as a stark reminder of the importance of secure storage practices in the cryptocurrency industry. Although security measures like multi-factor authentication and encryption are commonly used, they are not foolproof. Crypto users must continue to be vigilant to protect their assets from similar threats.