SF SaaS Flags
Security & Compliance Automation · Risk Score 100 · Severe

LastPass Lawsuits & Legal Trouble

Password manager — once a market leader, now defined by its catastrophic 2022 breach

Legal actions, regulatory complaints, and BBB filings involving LastPass that we've documented from public sources.

Lawsuits & Legal Action CRITICAL Source: TechCrunch · Dec 22, 2022 Added 4d ago

2022 breach: encrypted password vaults stolen along with decryption metadata

In December 2022, LastPass revealed attackers had stolen encrypted customer password vaults plus metadata — including URLs, usernames, and email addresses that aid in targeted decryption. The breach was executed through a compromised senior engineer's home computer.

Lawsuits & Legal Action CRITICAL Source: KrebsOnSecurity · Sep 9, 2023 Added 4d ago

Cryptocurrency thefts linked to breached LastPass vault data

In 2023 and 2024, blockchain security researchers linked over $35 million in cryptocurrency thefts to attackers who appeared to have successfully decrypted LastPass vault data to access victims' seed phrases.

Our AI scanner searches Reddit, Trustpilot, BBB, and news sources for fresh complaints from the past year, paraphrases what it finds, and adds anything new to this page. Takes up to 90 seconds.

A note on legal complaints

Filings and BBB complaints reflect what customers and counterparties alleged — not what was proven in court. Where possible we link to the original public record so you can read the source yourself. The presence of complaints doesn't establish wrongdoing; the absence doesn't prove innocence.

If you've personally filed a complaint or know of a public action we've missed, tell us.