In a stunning revelation that underscores the persistent risks of digital asset security, Ripple co-founder and executive chairman Chris Larsen reportedly lost over $661 million worth of XRP in early 2024. According to an on-chain investigator, the breach stemmed from a 2022 hack of the widely used password manager LastPass, which ultimately led to the compromise of Larsen’s private keys.
The disclosure came via ZachXBT, a well-known blockchain sleuth, who shared a screenshot of a forfeiture complaint filed by U.S. federal prosecutors. The document details how cybercriminals exploited the LastPass data breach to access sensitive information—ultimately leading to the theft of approximately 283 million XRP from Larsen’s personal wallets.
👉 Discover how secure storage can protect your crypto investments today.
How the Hack Unfolded
The attack was not the result of a direct breach of Ripple’s corporate infrastructure but rather a targeted compromise of Larsen’s personal accounts. The chain of events traces back to late 2022, when LastPass suffered a major security incident that exposed encrypted password vaults. Although the company claimed customer data remained protected due to encryption, hackers later decrypted some vaults using master passwords obtained elsewhere.
ZachXBT explained:
“A forfeiture complaint filed yesterday by US law enforcement revealed the cause for the 283 million XRP hack of Ripple co-founder Chris Larsen’s wallet in January 2024 was the result of storing private keys in LastPass (password manager which was hacked in 2022). Up to this point, Chris Larsen had not publicly disclosed the cause of the theft.”
This suggests that Larsen may have stored encrypted backups of his cryptocurrency private keys within his LastPass vault—an action widely discouraged by security experts. Once attackers decrypted the vault, they could have extracted seed phrases or wallet credentials, enabling full control over the associated crypto holdings.
A Major Blow, But Not Devastating
While a loss of $661.6 million** is staggering by any standard, it appears to have had limited impact on Larsen’s overall net worth. Despite the theft, he still retains an estimated **$7.18 billion in XRP holdings as of early 2025, according to on-chain analysis by ZachXBT.
Interestingly, in January 2025 alone—around the time of the U.S. government’s announcement regarding a national crypto reserve—wallets linked to Larsen transferred more than $109 million worth of XRP to various cryptocurrency exchanges. This activity fueled speculation about potential sales or strategic portfolio rebalancing.
ZachXBT added:
“With the announcement of the US Crypto Reserve here’s your reminder that XRP addresses activated by Chris Larsen (co-founder of Ripple) still hold 2.7 billion+ XRP and these addresses tied to him transferred $109 million+ worth of XRP to exchanges in January 2025…”
He also noted a caveat: many of these addresses had been inactive for six to seven years, raising questions about whether Larsen still controls them or if they were transferred years ago—possibly as early as February 2013.
Lessons in Cryptocurrency Security
This high-profile incident highlights critical vulnerabilities in how even seasoned crypto pioneers manage their digital assets. Storing private keys or seed phrases—whether directly or indirectly—in cloud-based password managers significantly increases exposure to breaches.
Security best practices recommend:
- Using hardware wallets (cold storage) for long-term holdings.
- Avoiding cloud storage for any data related to seed phrases or private keys.
- Enabling multi-signature authentication for large wallets.
- Regularly auditing wallet activity through blockchain explorers.
👉 Learn how to safeguard your digital assets with advanced security tools.
Key Takeaways for Investors
For retail and institutional investors alike, this case serves as a sobering reminder:
- No one is immune—even billion-dollar holders face risks from seemingly minor oversights.
- Offline storage matters—the safest key is one never exposed to the internet.
- Transparency builds trust—delayed disclosure can fuel speculation and erode confidence.
Although Ripple confirmed that company funds were unaffected, the incident has reignited debates about personal accountability and security hygiene in the decentralized ecosystem.
Frequently Asked Questions (FAQ)
Q: Was Ripple’s corporate wallet affected by the hack?
A: No. Chris Larsen confirmed that only his personal wallets were compromised. Ripple’s corporate holdings and operational funds remained secure.
Q: How did the LastPass hack lead to the XRP theft?
A: It’s believed that encrypted backups of private keys or seed phrases were stored in LastPass. After the 2022 breach, attackers decrypted the vault and accessed sensitive crypto credentials.
Q: Is XRP at risk because of this incident?
A: No. The hack targeted an individual holder, not the XRP Ledger or Ripple’s network infrastructure. The fundamental technology remains secure.
Q: Can stolen XRP be recovered?
A: While blockchain transactions are irreversible, law enforcement can track illicit flows. Some funds may be frozen if moved through regulated exchanges complying with asset forfeiture orders.
Q: What should I do to protect my crypto assets?
A: Use hardware wallets, avoid storing keys in digital formats, enable two-factor authentication, and conduct regular audits of your wallet addresses.
Q: Did Chris Larsen lose all his XRP?
A: Far from it. Despite losing over $661 million in XRP, he still holds an estimated $7.18 billion in the asset, making him one of the largest individual holders.
Final Thoughts
The Chris Larsen XRP incident is more than just a headline—it's a wake-up call for the entire cryptocurrency community. As digital assets grow in value and adoption, so too do the incentives for cybercriminals. Security can no longer be an afterthought; it must be foundational.
Whether you're holding thousands or billions in crypto, protecting your private keys is non-negotiable. The tools exist. The knowledge is available. The responsibility lies with each individual.
👉 Secure your crypto future with trusted platforms built for safety and scalability.