[wutwutwutwut]

Couldn't it just be that someone got a copy of the password some years ago and now sold the list of credentials to someone else, who then tried to use it? Maybe the original owner of the list didn't realize some of the credentials was for LastPass, for example.

I'm still seeing hackers trying to log on using passwords I haven't used in ~10 years, because it's on a list somewhere.

[gregsadetsky]

I agree, that could make sense.

So LastPass (their extension) may have been hacked ~5 years ago ish, a few people here on the thread were all hacked in the same way, our passwords were sold off, and now the same Brazil IP range just tried all of those passwords.

[kreetx]

Perhaps you can ask the other victims when did they register their accounts to see if that's true?

[gregsadetsky]

I've been trying to ask this to people posting reports, and although there are many "older" accounts (like mine, circa 2017 or older), at least 2 reports are from accounts created this year:

https://news.ycombinator.com/item?id=29710262

https://news.ycombinator.com/item?id=29711950

That would make "more sense" that our credentials weren't stored and unused for years, i.e. that this is possibly a new, recent breach.

[sillysaurusx]

This seems likely.