The GoTo hack may have caused users’ personal information to be stolen. Although the company argues the opposite, many sources say users are in danger.
GoTo, the owner of LastPass and a provider of remote collaboration and IT services, has acknowledged that a security compromise in November 2022 resulted in the theft of client data in addition to LastPass’ password vaults.
For the first time since GoTo verified “unusual activity” within its development environment and cloud storage service on November 30th, the organization, formerly known as LogMeIn, is updating its blog post regarding the breach.
A large number of GoTo’s business-oriented products, including Central, Pro, join.me, Hamachi, and RemotelyAnywhere, were impacted. Almost two months ago, according to GoTo CEO Paddy Srinivasan, a hacker “exfiltrated encrypted backups from a third-party cloud storage service” and obtained the encryption key for some of them. According to the terms and conditions of each product, the data collected “may include account usernames, salted and hashed passwords, a portion of Multi-Factor Authentication (MFA) settings, as well as some product settings and license information”.
The company started to send e-mails to its users about the GoTo hack
GoTo previously reported in November that hackers had acquired access to the company’s development environment as well as a third-party cloud storage provider that both it and LastPass used.
The disclosure was rather low-key, and it seemed that just business data, not client data, had been obtained.
However, the business has now started sending emails to clients informing them that their data backups had been accessed. The company’s e-mail on the GoTo hack is as follows:
“The information in the affected backups includes your Central and Pro account usernames and salted and hashed passwords. It also includes your deployment and provisioning information, One-To-Many scripts (Central only), some Multi-Factor Authentication information, licensing and purchasing data such as user emails, phone numbers, billing addresses, and the last four digits of credit card numbers (we do not store full credit card or bank details).”
“In addition, we have evidence that a threat actor also exfiltrated an encryption key for a portion of the encrypted data. However, as part of our security protocols, we salt and hash Central and Pro account passwords. This provides an additional layer of security within the encrypted backups.”
- Company’s e-mail on the GoTo hack
Are you safe from the GoTo hack?
According to GoTo, the company doesn’t keep track of its clients’ credit card or bank information or compile personal data like dates of birth, addresses, or Social Security numbers. Contrast that with the incident that affected its subsidiary, LastPass, in which hackers grabbed the contents of users’ encrypted password vaults along with their names, email addresses, phone numbers, and some payment information.
GoTo did not disclose the number of impacted customers. Jen Mathews, director of public relations at GoTo, claimed that the company has 800,000 clients, including businesses, but she declined to address our other queries. When contacted prior to publication, GoTo spokesman Nikolett Bacso-Albaum likewise repeatedly declined to comment or answer any questions.
GoTo is reportedly reaching out to affected customers directly and encouraging them to reset their passwords and reauthorize their MFA settings “out of an excess of caution,” according to Srinivasan.
GoTo hack was partially responsible for LastPass data breach
According to LastPass, unidentified hackers broke into its cloud storage in August 2022 using information obtained from an earlier security issue. According to the organization, the threat actors were also able to access client data kept in the compromised storage service.
According to the company, “We recently discovered suspicious activity within a third-party cloud storage provider, which is currently used by both LastPass and its partner, GoTo.” “We have found that an unauthorized person was able to access some components of our customers’ information using information gained in the August 2022 event.”
To avoid being affected by the GoTo hack, we recommend that you change your password immediately if you have an account on any of the mentioned platforms.