If your personal information was compromised in the 2022 LastPass data breach, you can now apply for compensation through a new class action settlement.
This class action suit follows a data breach involving a LastPass engineer’s home computer, resulting in unauthorized access to users’ vault backups, names, billing addresses, and phone numbers between August 2022 and March 2023.
Final approval for the settlement was given on Feb. 18, 2026, by the Supreme Court of British Columbia, where the suit was originally filed. As expected, this cleared the way for any users affected by the breach to seek damages.
The settlement is open to anyone residing in Canada whose private information was accessed during the breach, and who didn’t opt out by the December 2025 deadline.
Eligible users can file for two different types of compensation: Ordinary Claims and Crypto Claims.
Under Ordinary Claims, users can claim up to five hours of wasted time spent addressing the breach at a rate of $34.01 per hour, totalling $170.05. Claimants can also request up to $500 for out-of-pocket expenses incurred by May 31, 2023, provided they can supply the supporting documents proving that the costs were related to the breach.
Under Crypto Claims, users may seek damages for the loss of digital assets reasonably linked to the compromised vault data. Unlike standard time-loss claims, those filing for crypto asset losses must provide documentation and certification to be considered valid by the claims administrator.
The claims period officially began on Mar. 25, 2026, and will close at the deadline on Jun. 23, 2026, at 11:59 PM PT or 2:59 AM ET. All claim forms must be submitted electronically or postmarked by the previously-mentioned deadline to be eligible for the payout. All successful claims will be issued in Canadian dollars, with payment by either Interac e-transfer or cheque.
