• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

LastPass Parent Company GoTo Suffers Data Breach, Customers’ Backups Compromised

You are here: Home / General Cyber Security News / LastPass Parent Company GoTo Suffers Data Breach, Customers’ Backups Compromised
January 25, 2023

GoTo Suffers Data Breach

LastPass-owner GoTo (formerly LogMeIn) on Tuesday disclosed that unidentified danger actors have been able to steal encrypted backups of some customers’ data alongside with an encryption essential for some of individuals backups in a November 2022 incident.

The breach, which specific a third-party cloud storage company, impacted Central, Pro, be a part of.me, Hamachi, and RemotelyAnywhere products, the enterprise explained.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


“The afflicted data, which may differ by product or service, may perhaps incorporate account usernames, salted and hashed passwords, a portion of multi-factor Authentication (MFA) options, as nicely as some merchandise options and licensing data,” GoTo’s Paddy Srinivasan claimed.

Additionally, MFA configurations pertaining to a subset of its Rescue and GoToMyPC clients have been impacted, despite the fact that there is no proof that the encrypted databases associated with the two solutions had been exfiltrated.

The corporation did not disclose how many users were being impacted, but said it’s specifically speaking to the victims to give more data and suggest specific “actionable actions” to protected their accounts.

GoTo has also taken the phase of resetting the passwords of affected buyers and demanding them to reauthorize MFA configurations. It further said it really is migrating their accounts to an increased id management system that statements to supply more sturdy security.

The business software provider emphasized that it does keep comprehensive credit history card details and that it does not accumulate particular data these kinds of as dates of delivery, addresses, and Social Security numbers.

The announcement will come almost two months just after equally GoTo and LastPass disclosed “abnormal exercise inside of a 3rd-party cloud storage provider” that is shared by the two platforms.

LastPass, in December 2022, also uncovered that the digital burglary leveraged data stolen from an before breach that took spot in August and enabled the adversary to steal a massive stash of consumer data, including a backup of their encrypted password vaults.

The obtained facts was “employed to target a further personnel, obtaining qualifications and keys which were applied to accessibility and decrypt some storage volumes within the cloud-based storage service,” it pointed out.

Discovered this article exciting? Comply with us on Twitter  and LinkedIn to go through extra unique information we publish.


Some elements of this posting are sourced from:
thehackernews.com

Previous Post: «vmware releases patches for critical vrealize log insight software vulnerabilities VMware Releases Patches for Critical vRealize Log Insight Software Vulnerabilities

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • LastPass Parent Company GoTo Suffers Data Breach, Customers’ Backups Compromised
  • VMware Releases Patches for Critical vRealize Log Insight Software Vulnerabilities
  • VMware Releases Patches for Critical vRealize Log Insight Software Vulnerabilities
  • DragonSpark Hackers Evade Detection With SparkRAT and Golang
  • FBI Confirms Lazarus Group Was Behind $100m Harmony Hack
  • Microsoft to Block Excel XLL Add-Ins to Stop Malware Delivery
  • #DataPrivacyWeek: Consumers Already Concerned About AI’s Impact on Data Privacy
  • Chinese Hackers Utilize Golang Malware in DragonSpark Attacks to Evade Detection
  • FBI Says North Korean Hackers Behind $100 Million Horizon Bridge Crypto Theft
  • Security Navigator Research: Some Vulnerabilities Date Back to the Last Millennium

Copyright © TheCyberSecurity.News, All Rights Reserved.