Documents released by U.S. law enforcement have unveiled that Chris Larsen, co-founder of Ripple, fell victim to a cryptocurrency theft in January 2024 due to LastPass failures.
Approximately 283 million XRP (XRP), valued at around $150 million at the time, were stolen due to compromised private keys stored in the password manager LastPass, which had suffered a major data breach in 2022.
All these findings are a result of investigations by ZachXBT. Chris Larsen is best known for co-founding Ripple Labs in 2012. Larsen acknowledged the attack back in 2024.
The 2022 LastPass data breach
LastPass is a widely used password manager designed to store and manage users’ passwords and private information securely. In 2022, LastPass experienced security incidents.
In August of that year, unauthorized access to portions of their development environment led to the theft of source code and technical information.
Subsequently, in November 2022, attackers utilized information from the previous breach to access customer data stored with a third-party cloud storage service.
This breach exposed both unencrypted data, such as website URLs, and encrypted data, including usernames and passwords. The security of the encrypted data was contingent upon the strength of individual users’ master passwords.
Larsen’s XRP holdings stolen
The recently unsealed forfeiture lawsuit documents indicate that Larsen had stored the private keys to his cryptocurrency wallet on LastPass, per ZachXBT. Following his standard security protocol, physical records of these keys were destroyed after being entered into the password manager.
The 2022 LastPass breaches compromised encrypted passwords, and vault data were later utilized to illegally access the electronic accounts of multiple victims, including Larsen.
This unauthorized access led to the theft of approximately 283 million XRP from Larsen’s wallet in January 2024.
Today, that XRP would be worth over $707 million.
