Crypto Heist: How a 2022 Hack Kept Stealing for Years

In 2022, a massive hack struck LastPass, a company that stores passwords. Thieves made off with encrypted backups of people's password vaults. These vaults contained critical information like crypto keys and seed phrases. The hackers had a field day, exploiting weak master passwords to crack open vaults and steal cryptocurrency. This theft didn't stop in 2022—it continued until late 2025.

The Cybercriminals Behind the Theft

TRM Labs, a blockchain forensics firm, uncovered the culprits: Russian cybercriminals. These criminals used Russian exchanges to launder the stolen crypto. One exchange even faced a fine from the U.S. government for accepting dirty money.

LastPass Faces the Consequences

LastPass also faced legal repercussions. They were fined heavily, with the U.K. authorities stating they had failed to prevent the hack. LastPass also warned users that hackers might attempt to guess their master passwords—a prediction that proved true.

The Hackers' Tactics and the Stolen Funds

The hackers employed special tools to hide their tracks, but TRM Labs managed to follow the money. They discovered that over $35 million was stolen. Most of it was converted into Bitcoin and laundered, while the rest was taken in a later wave of theft.

Lessons Learned

This incident highlights how one hack can lead to years of theft. Even when hackers try to cover their tracks, experts can still track them down. It also underscores the importance of strong passwords—a weak one can lead to catastrophic consequences.