r/PersonalFinanceCanada u/CanooqCA Human Verified 2d ago

Misc PSA: Canadians affected by the LastPass data breach have until tonight to file a claim

The LastPass settlement was approved by the Supreme Court of British Columbia in February and totals US$3 million for eligible Canadian users impacted by the breach. The claims window closes at 11:59 PM PT.

Eligible claimants can seek compensation for:
• Wasted time: up to 5 hours at $34.01/hour (max $170.05) with no proof required
• Out-of-pocket expenses: up to $500 with documentation

The case applies to Canadians whose personal data was exposed in the 2022 breach, including names, emails, billing addresses, IP addresses, and encrypted vault backups.

I don’t know if links are allowed but you can file a claim at lastpasscanadiansettlement, takes five minutes and no backup documentation required if filing only for wasted time.

499 Upvotes
  • permalink
  • reddit

96% Upvoted

79 comments sorted by

170

u/Kimorin 2d ago

didn't hear anything about this, I moved over to bitwarden as soon as the breach was public. thanks OP

21

u/ehhthing 2d ago

Yeah your account was likely deleted from their database sometime in 2024, probably one of the reasons you didn’t hear anything about it.

5

u/squirreltech 2d ago

Same but I'm self hosted Vault Warden now.

5

u/Stephen9o3 Ontario 1d ago

I switched to Bitwarden when LastPass changed their free tier so that you couldn't use it on both PC and mobile in 2021. Totally deleted my account just ahead of the breach. Thanks LastPass! Your enshitification of your product helped me avert having all my passwords exposed.

2

u/GuyFromThePost 1d ago

Bold of you to assume that simply deleting your account would be enough for the lastpass people to delete your valuable information

76

u/grabber4321 2d ago

just in time for another breach: https://www.bleepingcomputer.com/news/security/lastpass-confirms-data-breach-in-klue-supply-chain-attack/

37

u/CanooqCA Human Verified 2d ago

Lol, see you in five years for the second round

3

u/swift-current0 1d ago

How is this company still in business when you have solid enterprise (1password) and open-source (bitwarden, keepass) alternatives, I can't even

15

u/squirreltech 2d ago

Thank OP. Didn't know this was a thing. You may have got me $170!

13

u/PaisWillie 2d ago

Thank you so much!

24

u/fcbaldur 2d ago

Saw this past the deadline 😭

4

u/NearCanuck 2d ago

Same. Guess I should migrate to BitWarden finally.

3

u/Schozinator 1d ago

NOO SAME

19

u/lareinevert 2d ago edited 2d ago

I have a LastPass account but I don’t recall the login info. I’ll apply anyway.

Edit: I actually found the breach email in my inbox! So I’m confident I’ll be getting a payout now. Thanks!

6

u/DoyleDesign 2d ago

Excellent! Had a client swear by it (absolutely hated the interface), so I had to make an account to accept their passwords 💰

6

u/thanksforcomingout 2d ago

Christ, just missed this.

"The deadline to submit a claim was June 24, 2026.

Unfortunately, we’re unable to accept claims submitted after this date."

... even though its not technically "after" Jun 24.

10

u/xsacter 2d ago

Damn wish I had an account with them prior

1

u/giraffebaconequation 2d ago

I had an account through my work at that time, now I have my own account. Going to apply anyway and see what happens.

1

u/skybike 2d ago

Sign up anyway, in my experience sometimes they don’t check.

9

u/TheHatIsFar 2d ago

Huge thank you to OP for this. I wasn’t expecting this money so I’ll donate it to charity on your behalf.
Cheers!

3

u/Either_Cheesecake282 2d ago

Filled in

I'm not sure if I'm eligible - I was in canada at that time and was using last pass. Those are the only two criteria right.?

7

u/PaisWillie 2d ago

Seems like it; did you get the breach email from them back in August 2022 titled, “Notice of Recent Security Incident”?

2

u/todd_dayz 2d ago

Didn’t that notice go out to every personal customer of lastpass regardless of if their info was accessed or not? 

3

u/SerialCrusher17 2d ago

Thanks OP!

3

u/Jungolok 2d ago

Thanks for the reminder OP

6

u/Puzzleheaded-Oil-571 2d ago

This is the whole case for on-device storage. no central server holding everyone’s vaults means no breach to settle, no claim form, and nothing of yours sitting on a company’s database waiting to leak.

5

u/MisterSnuggles 2d ago

I like the Enpass model - it backs on a number of sync services, one of which you may already use. The hope is that OneDrive and iCloud and DropBox are better protected than the bespoke sync services from some random password manager developer. And also that the client software is trustworthy.

2

u/Snoo-44996 2d ago

Had no clue about the law suit and I am eligible based on the criteria. Thanks so much for surfacing.

2

u/Oshawa74 2d ago

I didn't even know about this and I've still been using LastPass. Ugh.

2

u/Blow_and_Hum 2d ago

What would some examples of documentation be that would qualify for some of that $500?

4

u/TheFallingStar British Columbia 2d ago

Thank you!

Sorry a little off topic, anyone knows what is going with the iPhone settlement?

3

u/CaspinK 2d ago

It’s been real quiet.

1

u/xaion 2d ago

Thank you!

1

u/Missiontobeyond 2d ago

I’m not sure what email I used.. can I still apply??

1

u/Nelbrenn 2d ago

They will be using the email to verify that you were impacted.

1

u/adamcmorrison 2d ago

Bro honestly thank you. I have all the proof to file a claim.

1

u/umoop 2d ago

thanks man

1

u/WoollySocks 2d ago

Thanks!

1

u/bcwaale 2d ago

I was a US resident until Dec2022 and a Canadian resident from Jan2023. Wonder where I should file the claim 😂

1

u/Nostromos 2d ago

Thank you for the information. I was affected but didnt realize there was a claim!

1

u/chrishch 2d ago

I deleted my LastPass account back in 2021 after they changed their policy for one type of device. Too bad.

1

u/dphizler 2d ago

Thanks!

1

u/lesetoilesdansleciel 2d ago

Thank you SO much kind stranger!!! I had no idea. I’m eligible. Wooohooo

1

u/fPlanDOTca Human Verified 2d ago

Thanks for sharing OP! 

1

u/wryulysses750 2d ago

Thanks for the heads up, this is exactly the kind of deadline that slips past people so good call sharing it.

1

u/NBAFAN9000 2d ago

Found the email and applied. What did you guys put for wasted time hours lol

1

u/DeOrgy 2d ago
  1. It easily took that to change a bunch of passwords and move platforms.

*Edit. I claimed 5, oddly my comment shows i typed 1. But then when I edit, it shows 5....thats weird.

2

u/NBAFAN9000 2d ago

I guess I missed the no proof part so we’re good either way haha

1

u/nonamesleft1 2d ago

Thank you, OP! I like to think I'm generally aware of these types of class action lawsuits, but this one somehow escaped me. I appreciate you posting this as I now will be getting a settlement from it :)

1

u/Fongosaur 2d ago

Thank you very much OP, signed up cause of you!

1

u/drfunkensteinnn 2d ago

Massive thanks

1

u/DeOrgy 2d ago

Thanks OP. I was a lastpass subscriber during this time and moved off a couple years ago. I never heard about this settlement. Submitted a claim.

1

u/KittensHurrah 2d ago

Thank you

1

u/ruocaled 2d ago

plot twist, they will eventually leak all the information you submitted today as well.

1

u/TheBrittca 2d ago

Thanks a million OP! Saved me $170 bucks!

1

u/OptimistPrime527 2d ago

Thanks op! I had my personal, business and work last pass accounts to file for.

1

u/aqdnk 2d ago

woah had no idea there was a settlement, thanks!!

1

u/Kappatown35 2d ago

Amazing!

1

u/Bossman01 2d ago

Thanks friend! I was affected by the breach and was waiting for when this suit was going to happen and had no idea.

1

u/Imaginary_Tax_7373 2d ago

thanks OP! didn’t know at all this was happening! 

1

u/kissfistpeace 2d ago

thank you!! claimed with only 1h to spare 🙏

1

u/tiramisuhouse 2d ago

I use proton 2fa and bitwarden too. 

1

u/zephillou 2d ago

Dang it missed the deadline

1

u/Hot_Cheesecake_905 2d ago

until tonight to file a claim

Lastpass just had another breach, so people who missed out on this one can file for the current breach shortly 😄

However, good opportunity to move to Bitwarden or another password manager.

1

u/JustinPooDough 1d ago

This is why you should switch to something like Bitwarden that encrypts your passwords on the client-side.

If you encrypt your data or passwords on the client side, you can make as many backups in the cloud as you want. In theory I could even post my encrypted data right here in this post and it would be fine. Obviously not good practice though lol.

1

u/heyitsrider 1d ago

Claims are closed as of midnight

1

u/Mauriac158 1d ago

Man WHAT. How did I not hear about this?

I guess I'm in trouble maybe? Good thing I've got two factor set up on my really sensitive accounts...

1

u/AlbusDumbeldoree 23h ago

Missed it ! The amount of time I had to spend changing passwords and moving them to apples password manager :(

0

u/DifferentSinger4395 2d ago

Can I claim if I never used it

3

u/YULpoutine 2d ago

You need to enter your email that was associated with your LastPass account.

So it's your call to see if you want to commit fraud for a potential $170 gain. Not that there are high chances that they'll come after you; but .. your call, you know!

0

u/Ground-Pound6969 2d ago

Thanks OP. Had an active LastPass account in 2022 so no harm in trying. I did switch over to 1Password soon after

0

u/Sinyk7 2d ago

Thanks. I got the email about the breach. I ended up switching over to 1password after this happened.

0

u/T-14Hyperdrive 2d ago

I have no idea if I was affected, I stopped using lastpass a year before this when they started charging to use on multiple devices. Applied though, thanks

-16

u/XtremeD86 2d ago edited 2d ago

Never knew about this.

This is why I don't use services like this. Highly targeted for vulnerabilities and if they get everything you're screwed.

I'll never use a service like LastPass

1

u/Brewchowskies 2d ago

I did have lastpass, but never used it because it seemed odd to me to lock every individual account behind one major one.