LastPass Breach Continues to Haunt Users in 2025 with Ongoing Cryptocurrency Thefts

In 2022, LastPass experienced a significant security breach where encrypted vault backups were exfiltrated. According to TRM Labs, this data is still being exploited in 2025 by attackers to crack weak master passwords and steal cryptocurrencies. The initial compromise involved the breach of LastPass systems, leading to the theft of sensitive user data. The ongoing exploitation of this data highlights the long-term impact of data breaches and the critical importance of robust password security. Users with weak master passwords are particularly vulnerable to these attacks, which result in the theft of cryptocurrency funds. This incident underscores the need for strong password policies, multi-factor authentication, and continuous monitoring to detect and mitigate ongoing threats. Organizations and users must take proactive steps to secure their data and prevent similar incidents in the future.