Hackers siphoned a total of $4.4 million worth of crypto from at least 25 LastPass users on Oct. 25, according to blockchain analyst ZachXBT.
LastPass is a platform that stores and encrypts password information for users. Its cloud-based storage service was breached in an attack last year that involved targeting an employee and stealing their credentials.
ZachXBT and MetaMask developer Taylor Monahan have tracked at least 80 crypto wallets that have been compromised in relation to the hack.
Funds have been stolen from the Bitcoin, Ethereum, BNB, Arbitrum, Solana and Polygon blockchains, according to a list published by Monahan.
“Cannot stress this enough, if you believe you may have ever stored your seed phrase or keys in LastPass migrate your crypto assets immediately,” ZachXBT wrote on X, formerly Twitter.
Cryptocurrency wallets are often targeted by hackers because a common attack vector is obtaining a private key, which gives the hacker complete access to funds. In July more than $300 million was stolen from crypto users in a string of hacks and exploits.