They weren't really credentials, but keys. Pop those into any compatible wallet ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		smeej on Dec 24, 2022 \| parent \| context \| favorite \| on: The situation at LastPass may be worse than they a... They weren't really credentials, but keys. Pop those into any compatible wallet and you control the money now. If someone had put the key in the URL field (because there is no corresponding URL because it's not a credential), and the URL field was unencrypted, that could account for it.

isthisthingon99 on Dec 24, 2022 [–]

I suspect people use secure notes to store crypto keys.

smeej on Dec 25, 2022 | [–]

You would hope, but I've been working in customer/technical support in the crypto industry since early 2017. People are not remotely as careful as you would expect (and hope for) them to be.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact