What Happened at LastPass
The LastPass breach unfolded in stages, each worse than the last. In August 2022, attackers gained access to LastPass’s developer environment through a single compromised developer account. LastPass initially characterized this as limited — source code and technical information, nothing customer-facing.
That assessment turned out to be badly wrong. LastPass later disclosed that information taken in the August incident was used to target a senior DevOps engineer: the engineer's home computer was compromised and a keylogger captured the master password to a corporate vault holding the decryption keys for LastPass's cloud storage backups. With those keys, between August and October 2022, the attackers reached a separate cloud storage environment where LastPass kept customer data backups. LastPass did not report unusual activity in that environment until late November 2022, and did not spell out what had been taken until December.
In December 2022, LastPass confirmed that a backup of customer vault data had been copied, along with account information: company and end-user names, billing addresses, email addresses, telephone numbers, and the IP addresses customers had used to access the service. Inside each vault, usernames, passwords, secure notes and form-fill data were encrypted with a key derived from the user's master password. Critically, the website URLs stored in each vault were not encrypted. Attackers could immediately see which stolen vaults held accounts worth the cracking effort, and which users to phish, without cracking anything.
The stolen vault files are static. Unlike a live login attempt, there is no lockout, no rate limiting, no detection. Attackers can run password-cracking attempts against their local copy of your vault indefinitely, at whatever speed their hardware allows.
“The threat actor was also able to copy a backup of customer vault data from the encrypted storage container.”
— LastPass, December 2022
Why “Encrypted Vaults” Got Cracked
LastPass derived each vault's encryption key from the master password with PBKDF2-HMAC-SHA256. The default iteration count was raised to 100,100 in 2018, but existing accounts were never migrated, so many older accounts were still at the earlier default of 5,000 (and some reportedly at far fewer). The current OWASP recommendation for PBKDF2-HMAC-SHA256 is 600,000 iterations. At 5,000 iterations a single high-end consumer GPU can test on the order of a million master-password guesses per second, and a cracking rig scales that linearly. The iteration count only multiplies the attacker's cost per guess, so even 600,000 iterations is a 120x slowdown rather than a hard stop; a short or guessable master password still falls.
Because LastPass left URLs unencrypted, attackers could identify which vaults held credentials for cryptocurrency exchanges and wallet services and concentrate cracking resources on those, starting with the vaults at the lowest iteration counts. The roughly $35M in cryptocurrency theft that researchers have tied to cracked LastPass vaults represents only verified cases from a known victim pool.
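The following is an added example, not LastPass code or 1Cryptor code, that models the offline attack described in the two sections above: stolen vault records with plaintext URLs beside an encrypted blob, a key derived as PBKDF2-HMAC-SHA256(master password, salt = account email, iterations), triage of the stolen set by URL content and iteration count, and a dictionary attack that runs with no lockout or rate limit. The vault format, the email-as-salt construction, the keyword list and the sample records are assumptions constructed for the demonstration; the real attacker verifies a guess by decrypting a known vault entry, and a SHA-256 of the derived key stands in for that check here.

```python
"""Offline cracking economics of a PBKDF2-protected vault (constructed example)."""
import hashlib
import time
from dataclasses import dataclass


@dataclass
class Vault:
    """A stolen vault record, modelled on what the backup is described as holding."""
    email: str            # account email, also used as the PBKDF2 salt (assumed construction)
    iterations: int       # per-account PBKDF2 iteration count (5,000 on many old accounts)
    urls: list            # stored unencrypted, so visible to the attacker before any cracking
    key_check: bytes      # stand-in for a ciphertext the attacker can try to decrypt


def derive_key(master_password: str, email: str, iterations: int) -> bytes:
    """Vault key = PBKDF2-HMAC-SHA256(master password, salt=lowercased email)."""
    return hashlib.pbkdf2_hmac(
        "sha256",
        master_password.encode("utf-8"),
        email.lower().encode("utf-8"),
        iterations,
        dklen=32,
    )


def make_vault(email: str, master_password: str, iterations: int, urls: list) -> Vault:
    """Build a record the way the victim's client would have (constructed helper)."""
    key = derive_key(master_password, email, iterations)
    return Vault(email, iterations, urls, hashlib.sha256(key).digest())


def key_matches(vault: Vault, key: bytes) -> bool:
    """Does this candidate key open the vault? (Real attack: decrypt a known entry.)"""
    return hashlib.sha256(key).digest() == vault.key_check


# Keywords an attacker might grep for in the plaintext URLs (assumed list).
HIGH_VALUE = ("coinbase", "binance", "kraken", "blockchain", "wallet")


def triage(vaults: list) -> list:
    """Order stolen vaults: most crypto-related URLs first, then weakest KDF first.

    Nothing here touches the encrypted data; the plaintext URLs and the
    per-account iteration count are enough to decide where to spend GPU time.
    """
    def score(v: Vault):
        hits = sum(any(k in u.lower() for k in HIGH_VALUE) for u in v.urls)
        return (-hits, v.iterations)
    return sorted(vaults, key=score)


def crack(vault: Vault, wordlist: list):
    """Offline dictionary attack: no lockout, no rate limit, no log entry anywhere."""
    for guess in wordlist:
        if key_matches(vault, derive_key(guess, vault.email, vault.iterations)):
            return guess
    return None


def seconds_per_guess(iterations: int, samples: int = 3) -> float:
    """Cost of one guess on one CPU core; GPUs are faster but scale the same way."""
    start = time.perf_counter()
    for i in range(samples):
        derive_key(f"bench{i}", "bench@example.com", iterations)
    return (time.perf_counter() - start) / samples


if __name__ == "__main__":
    # Constructed sample records; the weak master password is deliberate.
    stolen = [
        make_vault("bob@example.com", "correct horse battery staple", 100_100,
                   ["https://news.example.com", "https://mail.example.com"]),
        make_vault("alice@example.com", "Summer2022!", 5_000,
                   ["https://www.coinbase.com", "https://login.example.org"]),
    ]
    target = triage(stolen)[0]
    print(f"first target: {target.email} ({target.iterations} iterations, urls={target.urls})")
    print(f"recovered master password: {crack(target, ['password', 'letmein', 'Summer2022!'])}")
    for n in (5_000, 100_100, 600_000):
        print(f"{n:>7} iterations: {1 / seconds_per_guess(n):,.0f} guesses/s on one core")
```

The timing loop is the point: the ratio between the 5,000 and 600,000 figures is the whole benefit of raising the iteration count, and it is linear. A memory-hard KDF changes the shape of the cost, not just the constant, which is the argument for Argon2id below.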
Why 1Cryptor Uses Argon2id
1Cryptor was built with the LastPass failure mode in mind. Your encryption key is derived locally using Argon2id, the hybrid variant of Argon2, the winner of the Password Hashing Competition. Argon2id is memory-hard: every guess has to fill and walk the configured amount of memory, which is what makes GPU and ASIC cracking rigs far less effective than they are against PBKDF2, where each guess costs only a few kilobytes of state. Even if an attacker obtained your encrypted files, cracking them offline would be computationally prohibitive by design. One caveat still applies to any key derivation function, Argon2id included: it multiplies the cost of each guess, it does not make a short or reused passphrase strong, so pair it with a long, randomly chosen master passphrase.