Tuesday, January 31, 2023
LetsAskBinu.com
  • Home
  • Cybersecurity
  • Cyber Threats
  • Hacking
  • Protection
  • Networking
  • Malware
  • Fintech
  • Internet Of Things
No Result
View All Result
LetsAskBinu.com
No Result
View All Result
Home Cybersecurity

GoTo Says Hackers Stole Encrypted Backups, MFA Settings

Researcher by Researcher
January 24, 2023
in Cybersecurity
0
GoTo Says Hackers Stole Encrypted Backups, MFA Settings
189
SHARES
1.5k
VIEWS
Share on FacebookShare on Twitter


IT management software firm GoTo on Tuesday said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach that also affected its LastPass affiliate.

GoTo chief executive Paddy Srinivasan confirmed the security breach was far worse than originally reported and included the theft of account usernames, salted and hashed passwords, a portion of Multi-Factor Authentication (MFA) settings, as well as some product settings and licensing information.

In a notice posted online, Srinivasan the encrypted backups were related to multiple GoTo-owned software products:

“Our investigation to date has determined that a threat actor exfiltrated encrypted backups from a third-party cloud storage service related to the following products: Central, Pro, join.me, Hamachi, and RemotelyAnywhere. 

We also have evidence that a threat actor exfiltrated an encryption key for a portion of the encrypted backups. The affected information, which varies by product, may include account usernames, salted and hashed passwords, a portion of Multi-Factor Authentication (MFA) settings, as well as some product settings and licensing information. 

In addition, while Rescue and GoToMyPC encrypted databases were not exfiltrated, MFA settings of a small subset of their customers were impacted.” 

Srinivasan said the company has no evidence of exfiltration affecting any other GoTo products or any of GoTo’s production systems.

Even though all account passwords were salted and hashed in accordance with best practices, Srinivasan said GoTo plans to reset the passwords of affected users and/or reauthorize MFA settings where applicable. 

“In addition, we are migrating their accounts onto an enhanced Identity Management Platform, which will provide additional security with more robust authentication and login-based security options,” the GoTo CEO said. 

In August last year, GoTo affiliate LastPass disclosed a data breach that included the theft of source code and proprietary technical information.  In November, GoTo said it was also affected by that hack, which is linked to an unnamed third-party cloud security vendor.

In a worrisome update in late December, the password management outfit admitted the hackers behind the August breach stole a massive stash of customer data, including password vault data that could be exposed by brute-forcing or guessing master passwords.

LastPass said the hackers broke into its network in August and used information from that hack to return and hijack customer data that included company names, end-user names, billing addresses, email addresses, telephone numbers, and the IP addresses from which customers were accessing the LastPass service.  

In addition, the unidentified actor was also able to copy a backup of customer vault data from an encrypted storage container.

The exposed container contained both unencrypted data, such as website URLs, as well as fully-encrypted sensitive fields such as website usernames and passwords, secure notes, and form-filled data.

Related: LastPass Says Password Vault Data Hijacked in Data Breach

Related: LastPass Source Code Stolen in Data Breach

Related: GoTo, LastPass Notify Customers of New Data Breach Related to Previous Incident

Related: LastPass Found No Code Injection Attempts Following August Data Breach



Source link

Related articles

Novel Malware Installed in VMware ESXi Attacks

VMware Fixes vRealize Log Insight RCE Bugs

January 31, 2023
Securing CI/CD. There are many organizations moving to… | by Binu Panicker | Jan, 2023

Securing CI/CD. There are many organizations moving to… | by Binu Panicker | Jan, 2023

January 30, 2023
Tags: BackupsEncryptedGoToHackersMFAsettingsstole
Share76Tweet47

Related Posts

Novel Malware Installed in VMware ESXi Attacks

VMware Fixes vRealize Log Insight RCE Bugs

January 31, 2023
0

VMware has released updates for a group of four vulnerabilities in its vRealize Log Insight logging platform, three of which...

Securing CI/CD. There are many organizations moving to… | by Binu Panicker | Jan, 2023

Securing CI/CD. There are many organizations moving to… | by Binu Panicker | Jan, 2023

January 30, 2023
0

There are many organizations moving to the cloud every day. Some are developing software at a fast pace, some are...

The Effect of Cybersecurity Layoffs on Cybersecurity Recruitment

The Effect of Cybersecurity Layoffs on Cybersecurity Recruitment

January 30, 2023
0

On Friday, January 20, 2023, Google announced it would lay off 12,000 employees. Amazon and Microsoft have laid off a...

How IT Budgets Should Fill Cybersecurity Moats in 2023

How IT Budgets Should Fill Cybersecurity Moats in 2023

January 30, 2023
0

TechRepublic speaks with Carlos Morales of Neustar Security Services on the best ways for companies to spend on cybersecurity —...

Boosting Data Security with AI and Blockchain | by Binu Panicker | Jan, 2023

Boosting Data Security with AI and Blockchain | by Binu Panicker | Jan, 2023

January 30, 2023
0

Today, data is considered the new oil and rightly so because the amount and type of data collected on people...

Load More
  • Trending
  • Comments
  • Latest
This Week in Fintech: TFT Bi-Weekly News Roundup 08/02

This Week in Fintech: TFT Bi-Weekly News Roundup 15/03

March 15, 2022
QNAP Escalation Vulnerability Let Attackers Gain Administrator Privileges

QNAP Escalation Vulnerability Let Attackers Gain Administrator Privileges

March 15, 2022
Supply chain efficiency starts with securing port operations

Supply chain efficiency starts with securing port operations

March 15, 2022
A first look at threat intelligence and threat hunting tools

A first look at threat intelligence and threat hunting tools

March 15, 2022
Beware! Facebook accounts being hijacked via Messenger prize phishing chats

Beware! Facebook accounts being hijacked via Messenger prize phishing chats

0
Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

0
Remote work causing security issues for system and IT administrators

Remote work causing security issues for system and IT administrators

0
Elementor WordPress plugin has a gaping security hole – update now – Naked Security

Elementor WordPress plugin has a gaping security hole – update now – Naked Security

0
Novel Malware Installed in VMware ESXi Attacks

VMware Fixes vRealize Log Insight RCE Bugs

January 31, 2023
KITMEK Launches $1 Digital Only School for Children Across MENA

KITMEK Launches $1 Digital Only School for Children Across MENA

January 31, 2023
Whole-Network Visualization With Meraki Dashboard

Whole-Network Visualization With Meraki Dashboard

January 31, 2023
Securing CI/CD. There are many organizations moving to… | by Binu Panicker | Jan, 2023

Securing CI/CD. There are many organizations moving to… | by Binu Panicker | Jan, 2023

January 30, 2023

Recent Posts

Novel Malware Installed in VMware ESXi Attacks

VMware Fixes vRealize Log Insight RCE Bugs

January 31, 2023
KITMEK Launches $1 Digital Only School for Children Across MENA

KITMEK Launches $1 Digital Only School for Children Across MENA

January 31, 2023
Whole-Network Visualization With Meraki Dashboard

Whole-Network Visualization With Meraki Dashboard

January 31, 2023

Categories

  • Cyber Threats
  • Cybersecurity
  • Fintech
  • Hacking
  • Internet Of Things
  • Malware
  • Networking
  • Protection

Tags

Access attack Attacks banking BiWeekly bug Cisco cloud code critical Cybersecurity Data Digital exploited financial Finds Fintech Flaw flaws Google Group Hackers Krebs Latest launches malware Microsoft million Network News open patches Payments platform Ransomware RoundUp security Software TFT Threat Top vulnerabilities vulnerability warns Week

© 2022 Lets Ask Binu All Rights Reserved

No Result
View All Result
  • Home
  • Cybersecurity
  • Cyber Threats
  • Hacking
  • Protection
  • Networking
  • Malware
  • Fintech
  • Internet Of Things

© 2022 Lets Ask Binu All Rights Reserved