LastPass’ parent company GoTo — formerly LogMeIn — has confirmed that cybercriminals stole customers’ encrypted backups during a recent breach of its systems.
The breach was first confirmed by LastPass on November 30. At the time, LastPass chief executive Karim Toubba said an “unauthorized party” had gained access to some customers’ information stored in a third-party cloud service shared by LastPass and GoTo. The attackers used information stolen from an earlier breach of LastPass systems in August to further compromise the companies’ shared cloud data. GoTo, which bought LastPass in 2015, said at the time that it was investigating the incident.
Now, almost two months later, GoTo said in an updated statement that the cyberattack impacted several of its products, including business communications tool Central; online meetings service Join.me; hosted VPN service Hamachi, and its Remotely Anywhere remote access tool.
GoTo said the intruders exfiltrated customers’ encrypted backups from these services — as well as the company’s encryption key for securing the data.
“The affected information, which varies by product, may include account usernames, salted and hashed passwords, a portion of multi-factor authentication (MFA) settings, as well as some product settings and licensing information,” said GoTo CEO Paddy Srinivasan. “In addition, while Rescue and GoToMyPC encrypted databases were not exfiltrated, MFA settings of a small subset of their customers were impacted.”
Despite the delay, GoTo provided no remediation guidance or advice for affected customers.
GoTo said the company does not store customers’ credit card or bank details, or collect personal information, such as date of birth, home address, or Social Security numbers. That’s in sharp contrast to the hack affecting its subsidiary, LastPass, during which attackers stole the contents of customers’ encrypted password vaults, along with customers’ names, email addresses, phone numbers, and some billing information.
GoTo did not say how many customers are affected. The company has 800,000 customers, including enterprises, according to GoTo public relations director Jen Mathews, who declined to answer our other questions. GoTo spokesperson Nikolett Bacso-Albaum also repeatedly declined to comment or respond to TechCrunch’s questions when reached prior to publication.
Srinivasan says GoTo is contacting affected customers directly and is advising those impacted to reset passwords and reauthorize MFA settings “out of an abundance of caution.”
https://techcrunch.com/
The Housing Authority of the City of Los Angeles, or HACLA, has confirmed it is investigating a cybersecurity incident shortly after the LockBit ransomware gang claimed responsibility for a cyberattack on the agency. HACLA, which provides affordable housing to more than 19,000 low-income families across Los Angeles, was added to LockBit’s dark web leak site on […]
The U.S. Supreme Court has declined to block a lawsuit brought by WhatsApp challenging the alleged mass phone hacking by Israeli spyware maker NSO Group. Meta-owned WhatsApp first filed a suit against NSO Group in 2019 claiming the spyware maker exploited an audio-calling vulnerability in WhatsApp to stealthily deliver its Pegasus phone spyware onto users’ […]
SC Media UK has collected predictions across a range of categories from cybersecurity experts. Here we give you the roundup… What might 2023 bring in term of cyber? Our experts found consensus on a few areas. First, boardroom metrics will become more important as senior execs demand transparency through quantified insights on the company’s security posture. […]
Leave a Reply