Remember that massive $150 million crypto heist involving Ripple co-founder Chris Larsen back in January 2024? Well, it seems investigators have traced it back to the LastPass security breach from 2022. On-chain sleuth ZachXBT dropped the news, citing a recent US law enforcement filing that sheds light on the situation.

The attack itself was pretty significant, with the bad guys making off with 213 million XRP tokens – that’s a cool $112 million at the time! Turns out, they managed to snag private keys that were unfortunately being managed by LastPass.

ZachXBT, who was on top of this story from the get-go, pointed out that the stolen crypto didn’t sit still for long. It was rapidly moved across several major crypto exchanges, including big names like Binance, Kraken, and OKX, among others.

Larsen himself confirmed the breach, emphasizing that this was a personal account issue and didn’t involve Ripple’s main corporate wallets. Interestingly, he hadn’t publicly revealed what caused the breach until now.

Law enforcement jumped into action right after the hack, and crypto exchanges quickly froze some of the stolen funds. Binance alone managed to put a hold on $4.2 million worth of XRP. Still, despite these quick responses, a significant chunk of the stolen XRP had already been cleverly moved around or swapped out of XRP by the hackers.

The LastPass Breach Fallout Continues: Crypto Losses Swell to Millions Last December

And the plot thickens! Last December, cybersecurity experts started raising red flags about a fresh wave of crypto thefts, and guess what? They were directly linked back to that 2022 LastPass security breach.

ZachXBT reported that in the days leading up to Christmas, the same ‘LastPass threat actor’ was at it again, pilfering approximately $5 million in crypto from over 40 different victims. These stolen assets were then converted into Ethereum and Bitcoin. Adding these latest incidents, the total losses stemming from the LastPass breach have now climbed to a staggering $250 million.

According to ZachXBT, the masterminds behind these thefts are still exploiting the data stolen way back in 2022. Remember that incident where hackers infiltrated LastPass’s systems and grabbed encrypted user data?

Even though the data was encrypted, it seems these persistent criminals are having success cracking it, leading to these ongoing thefts.

Larsen’s Ripple Stash and Dormant Addresses

With President Trump recently talking about a US Strategic Crypto Reserve, conversations around big US crypto players like Ripple and their XRP holdings are heating up.

Going back a bit, ZachXBT previously revealed that XRP addresses associated with Chris Larsen still hold a massive 2.7 billion XRP, currently valued at over $7 billion. He also highlighted that just in January 2025, over $109 million worth of XRP was moved from these addresses to exchanges.

“Some of these addresses have been sitting untouched for 6-7 years, so it’s possible he might have lost access or maybe sent funds to others back in Feb 2013,” ZachXBT speculated. “Keep in mind, he also got hit by that $112M hack early last year.”