On March 7th, COINOTAG News reported a significant development in the ongoing legal narrative surrounding Ripple co-founder Chris Larsen. An on-chain investigator, ZachXBT, disclosed details from a civil forfeiture lawsuit pursued by U.S. law enforcement. This legal action traces back to a staggering $150 million theft, equating to 283 million XRP, which took place in January 2024. The breach was primarily attributed to Larsen’s choice of the LastPass password manager for storing his private key, a system that was critically compromised during a data breach in 2022.
Documentation from the lawsuit illustrates a severe vulnerability in online password management. When a victim inputs their cryptocurrency wallet’s private key into an online manager, the physical record of this key is irretrievably erased. Notably, the LastPass platform faced major data breaches in August and November 2022, through which attackers pilfered not only encrypted passwords but also sensitive vault data. An FBI probe revealed that this stolen data facilitated unauthorized access to numerous electronic accounts, leading to significant losses in cryptocurrency and personal information.