After DCing with @kyle, this is almost certainly it.

I verified that my LastPass export contains the key.

I (correctly) moved off of LP in late 2022 after the first hack and moved to Ledger / paper / 1Password after the breach.

However, I lazily never moved away from my primary hot wallet.

Its key was in LastPass.

here's yet another reminder:
if you ever put keys in LastPass - gtfo of that wallet. people are STILL getting hit in waves. there are probably still more to come

advocating for independent operators @ethstaker // stake responsibly //
be a kind human // slomad

Point of fact here, if you put something in there, change whatever it was… if you’ve taken the right actions post incident your exposure should be relatively low, but the nature of the attack was that your passwords in that honey pot will haunt you until they are changed.

Iirc vaults leaked but if you had a strong master pw unclear if anything to worry about, those could take decades to bruteforce

(I.e. 50+ characters, adding entropy every year for multi years)

Idk anyone with good master+sub-pws for secure notes who got drained

Nature of using a cloud service imo

So my question is do you trust Bitwarden with the same job?