GoTo Encrypted Backups Stolen in LastPass BreachGoTo Encrypted Backups Stolen in LastPass Breach
Encrypted backups for several GoTo remote work tools were exfiltrated from LastPass, along with encryption keys.
January 25, 2023
The GoTo remote work tool software platform has confirmed that encrypted backups for several of its tools, including Central, Pro, join.me, Hamachi, and RemotelyAnywhere, were exfiltrated, along with some encryption keys, in last November's compromise of the LastPass cloud-based password keeper.
The compromised GoTo data could include usernames, salted and hashed passwords, some multifactor authentication (MFA) settings, product settings, and licensing information, according to the company's recent disclosure.
Impacted customers will be contacted by GoTo directly, and all affected users will have their passwords and MFA settings reset, according to a post from GoTo CEO Paddy Srinivasan, which included details on the breach.
"In addition, we are migrating their accounts onto an enhanced identity management platform, which will provide additional security with more robust authentication and login-based security options," Srinivasan added.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023