LastPass-owner GoTo (formerly LogMeIn) on Tuesday disclosed that unidentified threat actors were able to steal encrypted backups of some customers' data, along with an encryption key for some of those backups, in a November 2022 incident.
The breach, which targeted a third-party cloud storage service, impacted the Central, Pro, join.me, Hamachi, and RemotelyAnywhere products, the company said.
“The affected information, which varies by product, may include account usernames, salted and hashed passwords, a portion of Multi-Factor Authentication (MFA) settings, as well as some product settings and licensing information,” GoTo’s Paddy Srinivasan said.
Additionally, MFA settings pertaining to a subset of its Rescue and GoToMyPC customers were impacted, although there is no evidence that the encrypted databases associated with the two services were exfiltrated.
The company did not disclose how many users were impacted, but said it is directly contacting the victims to provide additional information and recommend certain “actionable steps” to secure their accounts.
GoTo has also taken the step of resetting the passwords of affected users and requiring them to reauthorize MFA settings. It further said it is migrating their accounts to an enhanced identity management platform that claims to offer more robust security.
The enterprise software provider emphasized that it does store full credit card details and that it doesn’t collect personal information such as dates of birth, addresses, and Social Security numbers.
The announcement comes nearly two months after both GoTo and LastPass disclosed “unusual activity within a third-party cloud storage service” that is shared by the two platforms.
LastPass, in December 2022, also revealed that the digital burglary leveraged information stolen from an earlier breach that took place in August and enabled the adversary to steal a huge stash of customer data, including a backup of their encrypted password vaults.
The obtained information was “used to target another employee, obtaining credentials and keys which were used to access and decrypt some storage volumes within the cloud-based storage service,” it noted.