Ripple co-founder and executive chairman Chris Larsen suffered a staggering loss of $661 million worth of XRP in 2024, linked to a 2022 LastPass hack, according to a forfeiture complaint filed by U.S. federal prosecutors.
Key Details of the Hack
- Cause: Hackers accessed Larsen’s XRP holdings by compromising private keys stored in LastPass during its 2022 breach.
- Amount Stolen: 283 million XRP (worth $661.6 million at current prices).
- Disclosure: Larsen confirmed the theft targeted his personal wallets, not Ripple’s corporate funds.
Timeline of Events
- 2022: LastPass hacked, exposing stored credentials.
- January 2024: Larsen’s XRP wallet drained.
- February 2024: Larsen publicly acknowledged the hack.
Aftermath: Larsen’s Remaining XRP Holdings
Despite the theft, Larsen retains approximately $7.18 billion in XRP**. On-chain investigator **ZachXBT** reported that Larsen moved **$109 million worth of XRP to exchanges in January 2025 during a price rally.
“XRP addresses tied to Larsen still hold 2.7+ billion XRP, though some have been dormant for years.”
— ZachXBT
Lessons Learned
- Security Risk: Storing crypto private keys in cloud-based password managers (like LastPass) increases vulnerability.
- Best Practices: Use offline storage (e.g., hardware wallets) for large holdings.
FAQs
Q: Was Ripple’s corporate XRP affected?
A: No—only Larsen’s personal wallets were compromised.
Q: How did hackers access the XRP?
A: Through private keys leaked in the 2022 LastPass breach.
Q: Does Larsen still hold XRP?
A: Yes, roughly $7.18 billion worth remains in his wallets.
Final Thoughts
This incident underscores the importance of secure key management in cryptocurrency. For large-scale holders, decentralized custody solutions or cold wallets are critical.