Three years after password manager LastPass was breached twice, we're finally starting to see the impact, and it's a pretty big one. A single hacking victim lost cryptocurrency worth $75 million today, according to just-released court records.

Federal investigators with the U.S. Secret Service believe it was these LastPass hackers who lost $283,326,127 in XRP cryptocurrency. A seizure order reviewed by Forbes stated that XRP was worth $150 million at the time of the theft in January 2024. Now, the stolen funds are now worth approximately $716 million, thanks to a massive surge in cryptocurrency values ​​following Trump's election as president.

"The scale of the theft and the rapid dissipation of funds required the efforts of multiple malicious actors." -U.S. Secret Service

The victim, an anonymous San Francisco resident, believed he had taken reasonable steps to protect his account. According to a colleague of the victim who helped manage the cryptocurrency, all physical files of the wallet's private keys were destroyed, and according to the search warrant, the master password to access the LastPass account was a "long and unique" password.

Agents believe LastPass hackers are behind the theft because of similarities to other hacks investigated by the FBI and linked to those in 2022. According to the search warrant, when the Secret Service examined the devices used to access victims' LastPass accounts, they found no other signs of infection and "similar theft patterns" to other attacks the FBI is investigating.

Since the investigation began last year, the Secret Service has been tracking the funds through numerous exchanges around the world while hackers quickly laundered the cryptocurrencies. "The scale of the theft and the rapid dissipation of funds required the efforts of multiple malicious actors, consistent with online password manager vulnerabilities and attacks on other victims of stolen cryptocurrency," investigators wrote. "For these reasons, law enforcement believes that Victim 1's cryptocurrency was stolen by the same attackers who targeted the online password manager, as were other victims in similar circumstances."

"LastPass has been working closely with multiple representatives from law enforcement since we first disclosed this incident in 2022. To date, our law enforcement partners have not provided us with any conclusive evidence linking any cryptocurrency theft to our incident." LastPass said in a statement: "At the same time, we have been investing heavily in strengthening security measures and will continue to do so."

So far, no suspects have been named, although the funds have been traced to cryptocurrency accounts owned by a number of Russian and Latvian residents. While the seizure order is only to recover $23 million in stolen funds, the investigation is ongoing and more seizures may be imminent. The Justice Department declined to comment.

This month has been a peak month for large-scale cryptocurrency thefts. In February, hackers stole $1.5 billion from the ByBit exchange in what has been called the largest cryptocurrency theft in history. The FBI and cryptocurrency researchers claim North Korea is behind it.