LastPass security breach linked to $35 million stolen in crypto heists
www.theverge.com
Researchers found that almost every victim was a LastPass user.

More than $35 million has been stolen from over 150 victims since December — ‘nearly every victim’ was a LastPass user::Security experts believe some of the LastPass password vaults stolen during a security breach last year have now been cracked open following a string of cryptocurrency heists

  • @LemmyFeedEnglish
    761 year ago

    These guys saved their seed phrases to LastPass, not just account passwords. You can’t just change your seeds without moving funds to a new wallet.

    The main lesson here is never store your seeds in digital form, ever. Write it down by hand on paper at creation and then take additional efforts to safeguard it.

    • @[email protected]English
      91 year ago

      I just store recovery phrases of all kinds on an encrypted USB stick (which is obviously only connected to my PC when I need to put a new one in or use it (which so far has happened never)), I feel like that is secure enough for me, although if I could laminate at home I might print and make small cards in a separate a card wallet. Any other way I feel like I would eventually lose them, the particular USB drive ive had for over 15 years, it is 512 MB lol.

      • @[email protected]English
        361 year ago

        USB sticks are not very reliable and can become totally unreadable randomly. I hope you at least have a few backups of it

        • @douglasg14bEnglish
          151 year ago

          Yeah, they are horribly unreliable.

          I got myself 5 sticks, put the same data on all 5.

          1st was dead within a month. 2nd & 3rd both dead in 4m, 4th dead in 6m. The 5th is still alive 3 years later.

          It’s a shit lottery, don’t play it, modern flash drives are absolutely garbage. Yet I still have a whole pile of 1,2, 4 GB flash drives from over a decade ago and they all still work.

          • @jarfilEnglish
            31 year ago

            Old flash drives used to be all SLC.

            Newer ones, use the cheapest tech for the same capacity, with QLC being about 16 times less reliable than SLC.

        • @ChickenstalkerEnglish
          81 year ago

          Carve it in granite and bury it underground so that future archaeologists can be confused over their meaning.

        • asudoxEnglish
          21 year ago

          At least better than the cloud.

        • @AuxEnglish
          -11 year ago

          USB sticks can be very different. I would recommend using small M.2 SSD in a stick enclosure.

      • @hihellobyeohEnglish
        21 year ago

        I would duplicate to at least 2 sticks, and also a written form that you keep stored with important documents, like a safe with your SSN, birth certificate, etc.

      • @deafboyEnglish
        11 year ago

        For any significant amount of money, the seed should never even touch a PC. No USBs, no printers.

    • @aestheleteEnglish
      51 year ago

      I wrote my seed information down for my poop coin wallet directly on Charmin double ply and then promptly wiped my ass with it and flushed.

      All my apes gone!

      • @[email protected]English
        21 year ago

        Shit coin is far superior than poop coin. All the apes have shit coin. You never lose the password to shit coin, there’s always more shit coin passwords.