A report by cybersecurity expert Brian Krebs outlines how various experts have come to this conclusion after analyzing a long string of crypto thefts perpetrated against people with otherwise strong security practices. Altogether, the thefts suspected to have been enabled by the LastPass breach amount to more than $35 million.
In November 2022, popular password management tool LastPass disclosed that hackers had stolen "password vaults" containing data belonging to more than 25 million users. Although the vaults themselves are encrypted, some experts now believe that these vaults are being cracked to enable access to crypto credentials stored within.
- "Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach", Krebs on Security [archive]